Plain Text Storage of Zephyr Password in Jenkins Zephyr Enterprise Test Management Plugin

Plain Text Storage of Zephyr Password in Jenkins Zephyr Enterprise Test Management Plugin

CVE-2020-2145 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system.

Learn more about our Web Application Penetration Testing UK.