Jenkins Accurev Plugin 0.7.16 and Earlier: Sensitive Information Exposure Vulnerability

Jenkins Accurev Plugin 0.7.16 and Earlier: Sensitive Information Exposure Vulnerability

CVE-2018-1999028 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

An exposure of sensitive information vulnerability exists in Jenkins Accurev Plugin 0.7.16 and earlier in AccurevSCM.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins.

Learn more about our Web Application Penetration Testing UK.