Vulnerability in Jenkins Wso2_oauth

CVE-2023-30528

Jenkins WSO2 Oauth Plugin 1.0 and earlier does not mask the WSO2 Oauth client secret on the global configuration form, increasing the potential for attackers to observe and capture it.

EPSS: 0.004 (31.5th percentile).

CVSS v3 metric

CVSS v3 base score 6.5 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Frequently asked questions

What is CVE-2023-30528?
CVE-2023-30528 is a medium-severity vulnerability in Jenkins Wso2_oauth, classified under Cleartext Storage of Sensitive Information. CVSS score: 6.5/10. Published 2023-04-12.
How severe is CVE-2023-30528?
Medium severity. CVSS v3 base score is 6.5 out of 10.