Insecure Storage of Credentials in Subversion Plugin for Jenkins

Insecure Storage of Credentials in Subversion Plugin for Jenkins

CVE-2013-6372 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.

Learn more about our User Device Pen Test.