CVE-2020-2145

Insufficiently Protected Credentials in maven/org.jenkins-ci.plugins/zephyr-enterprise-test-management

Identifiers

GHSA-xv58-gp43-6m76, CVE-2020-2145

Package Slug

maven/org.jenkins-ci.plugins/zephyr-enterprise-test-management

Vulnerability

Insufficiently Protected Credentials

Description

Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.

Affected Versions

All versions before 1.10

Solution

Upgrade to version 1.10 or above.

Last Modified

2023-01-15

source