CVE-2017-1000113
Title: Jenkins Deploy Information Disclosure
Proof Of Concept
No public PoC currently indexed for CVE-2017-1000113.
Vulnerability Summary
CVE-2017-1000113: The Deploy to container Plugin stored passwords unencrypted as part of its configuration. This allowed users with Jenkins master local file system access, or users with Extended Read access to the jobs it is used in, to retrieve those passwords. The Deploy to container Plugin now integrates with Credentials Plugin to store passwords securely, and automatically migrates existing passwords.
Impacted Vendors
Reference Links
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AV:L/AC:L/Au:N/C:P/I:N/A:N
Associated Attack Patterns (CAPEC)
Total: PatternsNo specific attack patterns mapped.
CVE-2017-1000113 Exploits & PoCs (Proof Of Concept)
No public PoCs found in our database for this CVE.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data updated via NVD.
Vulnerability data or affected products updated.
Vulnerability first announced in NVD.
Attack Vector Matrix
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Stack
No specific products linked.