An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and previous versions in SaltAPIBuilder.java, SaltAPIStep.java that allows malicious users to capture credentials with a known credentials ID stored in Jenkins.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jenkins saltstack |