Vulnerabilities > Jenkins > High

DATE CVE VULNERABILITY TITLE RISK
2019-04-04 CVE-2019-1003063 Missing Encryption of Sensitive Data vulnerability in Jenkins Amazon SNS Build Notifier
Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003062 Missing Encryption of Sensitive Data vulnerability in Jenkins AWS Cloudwatch Logs Publisher
Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003061 Missing Encryption of Sensitive Data vulnerability in Jenkins Jenkins-Cloudformation-Plugin
Jenkins jenkins-cloudformation-plugin Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003060 Missing Encryption of Sensitive Data vulnerability in Jenkins Official Owasp ZAP
Jenkins Official OWASP ZAP Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003057 Missing Encryption of Sensitive Data vulnerability in Jenkins Bitbucket Approve
Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003056 Missing Encryption of Sensitive Data vulnerability in Jenkins Websphere Deployer
Jenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003055 Missing Encryption of Sensitive Data vulnerability in Jenkins FTP Publisher
Jenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003054 Missing Encryption of Sensitive Data vulnerability in Jenkins Jira Issue Updater
Jenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003053 Missing Encryption of Sensitive Data vulnerability in Jenkins Hockeyapp
Jenkins HockeyApp Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.
network
low complexity
jenkins CWE-311
8.8
2019-04-04 CVE-2019-1003052 Missing Encryption of Sensitive Data vulnerability in Jenkins AWS Elastic Beanstalk Publisher
Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
network
low complexity
jenkins CWE-311
8.8