CVE-2019-1010241

MEDIUM Year: 2019
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.0
Medium
Weakness Type
CWE-257
View all →

Vulnerability Description

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.

Related Vulnerabilities

CVE-2023-23382

MEDIUM
CVSS:6.5(Medium)

Azure Machine Learning Compute Instance Information Disclosure Vulnerability

CWE-2572023

CVE-2023-31150

MEDIUM
CVSS:6.5(Medium)

A Storing Passwords in a Recoverable Format vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) database system could allow an authenticated attacker to...

CWE-2572023

CVE-2020-8296

MEDIUM
CVSS:6.7(Medium)

Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.

CWE-2572020

CVE-2023-2881

MEDIUM
CVSS:6.7(Medium)

Storing Passwords in a Recoverable Format in GitHub repository pimcore/customer-data-framework prior to 3.3.10.

CWE-2572023

CVE-2021-0220

MEDIUM
CVSS:6.8(Medium)

The Junos Space Network Management Platform has been found to store shared secrets in a recoverable format that can be exposed through the UI. An attacker who is able to execute arbitrary code in the ...

CWE-2572021

CVE-2024-32756

MEDIUM
CVSS:6.8(Medium)

Under certain circumstances the Linux users credentials may be recovered by an authenticated user.

CWE-2572024