CVE-2020-2119
Insufficiently Protected Credentials in maven/org.jenkins-ci.plugins/azure-ad
Identifiers
GHSA-vvg2-hg3c-mqj3, CVE-2020-2119
Package Slug
maven/org.jenkins-ci.plugins/azure-ad
Vulnerability
Insufficiently Protected Credentials
Description
Jenkins Azure AD Plugin 1.1.2 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.
Affected Versions
All versions before 1.2.0
Solution
Upgrade to version 1.2.0 or above.
Last Modified
2023-01-15
| source |