CVE-2017-1000245

Insufficiently Protected Credentials in maven/org.jenkins-ci.plugins/ssh

Identifiers

GHSA-5gmf-8gh2-hhfp, CVE-2017-1000245

Package Slug

maven/org.jenkins-ci.plugins/ssh

Vulnerability

Insufficiently Protected Credentials

Description

The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.

Affected Versions

All versions before 2.5

Solution

Upgrade to version 2.5 or above.

Last Modified

2022-11-23

source