CVE-2020-2274
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2020-2274
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-2274.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2020-2274
- Aliases
- Published
- 2020-09-16T14:15:14Z
- Modified
- 2024-09-03T03:21:51.469078Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.
- References
Affected packages
Git / github.com/jenkinsci/elastest-plugin
Affected ranges
- Type
- GIT
- Repo
- https://github.com/jenkinsci/elastest-plugin
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affected
Affected versions
elastest-0.*
elastest-0.10
elastest-0.10.0-beta1
elastest-0.10.0-beta2
elastest-0.9.1
elastest-0.9.1-beta-1
elastest-0.9.1-beta-2
elastest-0.9.1-beta-4
elastest-1.*
elastest-1.0-beta1
elastest-1.0-beta2
elastest-1.0-beta4
elastest-1.0-beta5
elastest-1.0.0
elastest-1.0.0-beta6
elastest-1.0.0-beta7
elastest-1.0.0-beta8
elastest-1.0.0-beta9
elastest-1.0.1
elastest-1.1.0
elastest-1.2.1