Jenkins - Fortify On Demand CVE

Filtered by vendor Jenkins Subscribe

Filtered by product Fortify On Demand

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-10449	1 Jenkins	1 Fortify On Demand	2019-10-18	4.0 MEDIUM	8.8 HIGH
Jenkins Fortify on Demand Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.

Vulnerabilities (CVE)