Inadequate Identification of Sensitive Values in Jenkins Configuration as Code Plugin

Inadequate Identification of Sensitive Values in Jenkins Configuration as Code Plugin

CVE-2019-10363 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably identify sensitive values expected to be exported in their encrypted form.

Learn more about our Web Application Penetration Testing UK.