cve/CVE-2019-1010241.md at 7818c5651982aa78500b326433f643b6a96ab8c1

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-257: Storing Passwords in a Recoverable Format. The impact is: Authenticated users can recover credentials. The component is: config-variables.jelly line #30 (passwordVariable). The attack vector is: Attacker creates and executes a Jenkins job.

POC

Reference

https://docs.google.com/document/d/1MBEoJSMvkjp5Kua0bRD_kiDBisL0fOCwTL9uMWj4lGA/edit?usp=sharing

Github

No PoCs found on GitHub currently.

896 B Raw Blame History

CVE-2019-1010241

Description

POC

Reference

Github

896 B

Raw Blame History