Jenkins PaaSLane Estimate Plugin 1.0.4 and earlier stores PaaSLane authentication tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2023-12-13T17:30:21.372Z
Updated: 2024-08-02T22:23:42.964Z
Reserved: 2023-12-13T13:06:36.478Z
Link: CVE-2023-50776
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-12-13T18:15:44.330
Modified: 2023-12-18T19:11:13.227
Link: CVE-2023-50776
Redhat
No data.