Incomplete Fix of CVE-2019-10343 in Jenkins Configuration as Code Plugin 1.26 and Earlier
CVE-2019-10367 · MEDIUM Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as Code Plugin 1.26 and earlier did not properly apply masking to some values expected to be hidden when logging the configuration being applied.
Learn more about our Web Application Penetration Testing UK.