Home

CVE-2025-31725

Description

Jenkins monitor-remote-job Plugin 1.0 stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
EPSS Score
Exploitation Probability
0.122

Associated Vulnerability

VulnerabilityOS Platform
Vulnerabilities CVE-2025-31725 are affected in Ukiuni - monitor-remote-job 1.0Windows
Vulnerabilities CVE-2025-31725 are affected in Ukiuni - monitor-remote-job for Linux 1.0Linux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234