CVE-2019-1003048

Severity CVSS v4.0:
Pending analysis
Type:
CWE-311 Missing Encryption of Sensitive Data
Publication date:
28/03/2019
Last modified:
25/10/2023

Description

A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attackers with local file system access to the Jenkins home directory to obtain the unencrypted password from the plugin configuration.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:jenkins:prqa:*:*:*:*:*:jenkins:*:* 3.1.0 (including)