CVE-2019-10391

Cleartext Transmission of Sensitive Information in maven/com.hcl.security/ibm-application-security

Identifiers

GHSA-65rj-cgrp-g65w, CVE-2019-10391

Package Slug

maven/com.hcl.security/ibm-application-security

Vulnerability

Cleartext Transmission of Sensitive Information

Description

Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier transmitted configured passwords in plain text as part of job configuration forms, potentially resulting in their exposure.

Affected Versions

All versions up to 1.2.4

Solution

Upgrade to version 1.2.5 or above.

Last Modified

2024-01-31

source