Skip to main content

Jenkins Qmetry For Jira

2 CVEs product

Monthly

CVE-2019-16545 Maven MEDIUM PATCH This Month

Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure Jenkins Qmetry For Jira
NVD
CVSS 3.1
6.5
EPSS
0.5%
CVE-2019-16544 Maven HIGH PATCH This Week

Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure Jenkins Qmetry For Jira
NVD
CVSS 3.1
8.8
EPSS
0.8%
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Jenkins QMetry for JIRA - Test Management Plugin transmits credentials in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure +1
NVD
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Atlassian Jenkins Information Disclosure +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy