Zephyr for JIRA Test Management Plugin 1.5 and earlier stores Jira credentials unencrypted in its global configuration file com.thed.zephyr.jenkins.reporter.ZfjReporter.xml on the Jenkins controller. These credentials can be viewed by users with access…
[org.jvnet.hudson.plugins:svn-release-mgr] Jenkins Subversion Release Manager Plugin vulnerable to cross-site scripting (XSS)
Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation. This results in a reflected cross-site scripting vulnerability that can also be exploited similar to a stored cross-site s…
[com.openmake:deployhub] Credentials transmitted in plain text by Jenkins DeployHub Plugin
DeployHub Plugin stores credentials in job config.xml files as part of its configuration.
While the credentials are stored encrypted on disk, they are transmitted in plain text as part of the configuration form by DeployHub Plugin 8.0.14 and earlier. T…
[org.jenkins-ci.plugins:p4] Missing permission checks in Jenkins P4 Plugin
A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds or add labels in the Perforce repository.
P4 Plugin 1.10.11 appropriate user permissions for the affected HTTP endpoints…
[org.jenkins-ci.plugins:logstash] Credentials transmitted in plain text by Jenkins Logstash Plugin
Logstash Plugin stores credentials in its global configuration file jenkins.plugins.logstash.LogstashConfiguration.xml on the Jenkins controller as part of its configuration.
While the credentials are stored encrypted on disk, they are transmitted in p…
[org.jenkins-ci.plugins:rundeck] XXE vulnerability in Rundeck Plugin
Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
This allows a user with Overall/Read access to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extr…
[org.jenkins-ci.plugins:zephyr-enterprise-test-management] Credentials stored in plain text by Zephyr Enterprise Test Management Plugin
Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text in the global configuration file com.thed.zephyr.jenkins.reporter.ZeeReporter.xml. This password can be viewed by users with access to the Jenkins contr…
[fr.edf.jenkins.plugins:mac] CSRF vulnerability in Mac Plugin
A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials.
References
https://nvd.nist.gov/vuln/detail/CVE-2020-2147
https://…
[org.jenkins-ci.plugins:repository-connector] Credentials transmitted in plain text by Repository Connector Plugin
Repository Connector Plugin stores credentials in its global configuration file org.jvnet.hudson.plugins.repositoryconnector.RepositoryConfiguration.xml on the Jenkins controller as part of its configuration.
While the credentials are stored encrypted …
[org.jenkins-ci.plugins:quality-gates] Jenkins Quality Gates Plugin transmits credentials in plain text during configuration
Quality Gates Plugin stores credentials in its global configuration file quality.gates.jenkins.plugin.GlobalConfig.xml on the Jenkins controller as part of its configuration. While the credentials are stored encrypted on disk, they are transmitted in p…