CVE-2019-10302

Insufficiently Protected Credentials in maven/org.jenkins-ci.plugins/jira-ext

Identifiers

GHSA-chm8-wp3h-f4m3, CVE-2019-10302

Package Slug

maven/org.jenkins-ci.plugins/jira-ext

Vulnerability

Insufficiently Protected Credentials

Description

Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

Affected Versions

All versions before 0.9

Solution

Upgrade to version 0.9 or above.

Last Modified

2023-05-22

source