Insufficiently Protected Credentials Vulnerability in Jenkins Artifactory Plugin
CVE-2018-1000424
7.8HIGH
What is CVE-2018-1000424?
A security flaw exists in the Jenkins Artifactory Plugin versions 2.16.1 and earlier due to insufficient protection of credentials stored within the plugin. This vulnerability enables attackers who have local file system access to extract old credentials previously configured for the plugin. The exposure occurs because these credentials remain accessible prior to the integration with the Credentials Plugin, thereby posing a potential risk for unauthorized access.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved