A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and previous versions in DataBoundConfigurator.java, Attribute.java, BaseConfigurator.java, ExtensionConfigurator.java that allows attackers with access to Jenkins log files to obtain the passwords configured using Configuration as Code Plugin.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins configuration as code 0.3 |
||
jenkins configuration as code 0.4 |
||
jenkins configuration as code 0.5 |
||
jenkins configuration as code 0.6 |
||
jenkins configuration as code 0.1 |
||
jenkins configuration as code 0.2 |
||
jenkins configuration as code 0.7 |