Description
An insufficiently protected credentials vulnerability exists in JenkinsAppDynamics Dashboard Plugin 1.0.14 and earlier in src/main/java/nl/codecentric/jenkins/appd/AppDynamicsResultsPublisher.java that allows attackers without permission to obtain passwords configured in jobs to obtain them.
Remediation
References
https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1087
http://www.securityfocus.com/bid/107476
Related Vulnerabilities
CVE-2019-10354 Vulnerability in maven package org.jenkins-ci.main:jenkins-core
CVE-2021-39231 Vulnerability in maven package org.apache.ozone:ozone-main
CVE-2022-38900 Vulnerability in npm package decode-uri-component
CVE-2022-36892 Vulnerability in maven package org.jenkins-ci.plugins:rhnpush-plugin