Jenkins Perforce Plugin exposure of sensitive information vulnerability exists
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Jan 9, 2024
Description
Published by the National Vulnerability Database
Apr 5, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Jan 9, 2024
Last updated
Jan 9, 2024
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them
References