CVE-2022-34199

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-34199

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34199.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-34199

Aliases

GHSA-c8mf-mc3f-2wvc

Published

2022-06-23T17:15:17.220Z

Modified

2026-03-14T11:48:12.184639Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

Jenkins Convertigo Mobile Platform Plugin 1.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

References

https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2064

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-34199.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "1.1"
            }
        ]
    }
]