Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES SCA (Software Composition Analysis)

CVE-2018-1000147 Vulnerability in maven package org.jvnet.hudson.plugins:perforce

Description

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them

Remediation

References

https://jenkins.io/security/advisory/2018-03-26/#SECURITY-536

Related Vulnerabilities

CVE-2020-2211 Vulnerability in maven package com.elasticbox.jenkins-ci.plugins:kubernetes-ci

CVE-2020-16044 Vulnerability in maven package org.webjars.npm:electron

CVE-2023-45143 Vulnerability in npm package undici

CVE-2018-1000148 Vulnerability in maven package org.jenkins-ci.plugins:copy-to-slave

CVE-2023-24997 Vulnerability in maven package org.apache.inlong:manager-pojo

Severity

High

Classification

CWE-200 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Tags

Vendor Advisory