Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier stores the GitHub Personal Access Token, Sonar access token and Sonar password unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: jenkins
Published: 2023-01-24T00:00:00
Updated: 2024-08-02T10:56:04.038Z
Reserved: 2023-01-23T00:00:00
Link: CVE-2023-24442
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-01-26T21:18:17.960
Modified: 2024-11-21T07:47:52.510
Link: CVE-2023-24442
Redhat
No data.