An exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.10.1 and earlier in KubernetesCloud.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.
References
Link | Resource |
---|---|
https://jenkins.io/security/advisory/2018-07-30/#SECURITY-1016 | Vendor Advisory |
Configurations
Information
Published : 2018-08-01 06:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-1999040
Mitre link : CVE-2018-1999040
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
jenkins
- kubernetes