Home

CVE-2019-10297

Description

Jenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

Risk Information

Base Score
8.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.078

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2019-10297 are affected in Jenkins - sametime 0.4Windows
Vulnerabilities CVE-2019-10297 are affected in Jenkins - sametime for Linux 0.4Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234