Vulnerability in Jenkins Neuvector_vulnerability_scanner

CVE-2019-10430

Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

EPSS: 0.003 (16.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.5 (Medium). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2019-10430?
CVE-2019-10430 is a medium-severity vulnerability in Jenkins Neuvector_vulnerability_scanner, classified under Cleartext Storage of Sensitive Information. CVSS score: 5.5/10. Published 2019-09-25.
How severe is CVE-2019-10430?
Medium severity. CVSS v3 base score is 5.5 out of 10.