CVE-2019-10280 is a vulnerability in Jenkins Assembla Auth
Published on April 4, 2019
Jenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.
Products Associated with CVE-2019-10280
Want to know whenever a new CVE is published for Jenkins Assembla Auth? stack.watch will email you.
Affected Versions
Jenkins project Jenkins Assembla Auth Plugin Version all versions as of 2019-04-03 is affected by CVE-2019-10280Exploit Probability
EPSS
0.08%
Percentile
22.39%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.