Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2022-41247

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Jenkins BigPanda Notifier Plugin 1.4.0 and earlier stores the BigPanda API key unencrypted in its global configuration file on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

General Information

Vendors

  • Jenkins project

Products

  • Jenkins BigPanda Notifier Plugin

Additional Info

Technical Analysis