Published: 25/03/2020 Updated: 27/03/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Jenkins Artifactory Plugin 3.6.0 and previous versions transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.

Vulnerability Trend

Affected Products

Vendor Product Versions

Mailing Lists

Jenkins is an open source automation server which enables developers around the world to reliably build, test, and deploy their software The following releases contain fixes for security vulnerabilities: * Jenkins 2228 * Jenkins LTS 22046 and 22221 * Artifactory Plugin 360 and 361 * Azure Container Service Plugin 102 * OpenShift Pipel ...