CVE-2018-1000424
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-1000424
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1000424.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-1000424
- Aliases
- Published
- 2019-01-09T23:29:02Z
- Modified
- 2024-09-03T02:01:29.284303Z
- Severity
-
- 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java, CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin before it integrated with Credentials Plugin.
- References
Affected packages
Git / github.com/jfrog/jenkins-artifactory-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jfrog/jenkins-artifactory-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
2.*
2.1.6
artifactory-1.*
artifactory-1.4.3
artifactory-2.*
artifactory-2.0.0
artifactory-2.0.1
artifactory-2.0.3
artifactory-2.0.4
artifactory-2.0.5
artifactory-2.0.6
artifactory-2.0.7
artifactory-2.0.8
artifactory-2.0.9
artifactory-2.1.0
artifactory-2.1.1
artifactory-2.1.2
artifactory-2.1.3
artifactory-2.1.4
artifactory-2.1.5
artifactory-2.1.7
artifactory-2.1.8
artifactory-2.10.0
artifactory-2.10.1
artifactory-2.10.2
artifactory-2.10.3
artifactory-2.10.4
artifactory-2.11.0
artifactory-2.12.0
artifactory-2.12.1
artifactory-2.12.2
artifactory-2.13.0
artifactory-2.13.1
artifactory-2.14.0
artifactory-2.15.0
artifactory-2.15.1
artifactory-2.16.0
artifactory-2.16.1
artifactory-2.2.0
artifactory-2.2.1
artifactory-2.2.2
artifactory-2.2.3
artifactory-2.2.4
artifactory-2.2.5
artifactory-2.2.6
artifactory-2.2.7
artifactory-2.3.0
artifactory-2.3.1
artifactory-2.4.0
artifactory-2.4.1
artifactory-2.4.2
artifactory-2.4.4
artifactory-2.4.5
artifactory-2.4.6
artifactory-2.5.0
artifactory-2.6.0
artifactory-2.7.0
artifactory-2.7.1
artifactory-2.7.2
artifactory-2.8.0
artifactory-2.8.1
artifactory-2.8.2
artifactory-2.9.0
artifactory-2.9.1
artifactory-2.9.2