CVE-2019-1003045

Insufficiently Protected Credentials in maven/de.eacg/ecs-publisher

Identifiers

GHSA-ffj8-w4rj-vr7v, CVE-2019-1003045

Package Slug

maven/de.eacg/ecs-publisher

Vulnerability

Insufficiently Protected Credentials

Description

A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and earlier allows attackers with Item/Extended Read permission, or local file system access to the Jenkins home directory to obtain the API token configured in this plugin's configuration.

Affected Versions

All versions up to 1.0.0

Solution

Upgrade to version 1.0.1 or above.

Last Modified

2024-01-31

source