Incomplete Fix of CVE-2019-10343 in Jenkins Configuration as Code Plugin 1.26 and Earlier

Incomplete Fix of CVE-2019-10343 in Jenkins Configuration as Code Plugin 1.26 and Earlier

CVE-2019-10367 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied.

Learn more about our Web Application Penetration Testing UK.