Description
An insufficiently protected credentials vulnerability exists in JenkinsAppDynamics Dashboard Plugin 1.0.14 and earlier in src/main/java/nl/codecentric/jenkins/appd/AppDynamicsResultsPublisher.java that allows attackers without permission to obtain passwords configured in jobs to obtain them.
Remediation
References
http://www.securityfocus.com/bid/107476
https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087
Related Vulnerabilities
CVE-2019-10754 Vulnerability in maven package org.apereo.cas:cas-server-support-shell
CVE-2019-16777 Vulnerability in maven package org.webjars.npm:npm
CVE-2022-31198 Vulnerability in npm package @openzeppelin/contracts
CVE-2023-22579 Vulnerability in npm package @sequelize/core
CVE-2020-13946 Vulnerability in maven package org.apache.cassandra:cassandra-all