Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: jenkins
Published: 2022-11-15T00:00:00
Updated: 2024-08-03T14:09:56.960Z
Reserved: 2022-11-14T00:00:00
Link: CVE-2022-45384

No data.

Status : Modified
Published: 2022-11-15T20:15:11.817
Modified: 2024-11-21T07:29:09.570
Link: CVE-2022-45384

No data.