Description
Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.
Remediation
References
https://jenkins.io/security/advisory/2019-04-17/#SECURITY-836
http://www.securityfocus.com/bid/108045
Related Vulnerabilities
CVE-2018-5158 Vulnerability in maven package org.webjars.bowergithub.mozilla:pdfjs-dist
CVE-2016-4432 Vulnerability in maven package org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol
CVE-2023-30522 Vulnerability in maven package org.jenkins-ci.plugins:fogbugz
CVE-2019-18362 Vulnerability in maven package com.jetbrains:mps
CVE-2018-1000011 Vulnerability in maven package org.jvnet.hudson.plugins.findbugs:parent