What is CVE-2025-0148?

CVE-2025-0148 is a low-severity vulnerability in Zoom Communications, Inc Jenkins Marketplace Plugin, classified under CWE-549. CVSS score: 2.6/10. Published 2025-02-03.

How severe is CVE-2025-0148?

Low severity. CVSS v3 base score is 2.6 out of 10.

Vulnerability in Zoom Communications, Inc Jenkins Marketplace Plugin

CVE-2025-0148

Missing password field masking in the Zoom Jenkins Marketplace plugin before version 1.6 may allow an unauthenticated user to conduct a disclosure of information via adjacent network access.

EPSS: 0.001 (30.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.6 (Low). Vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N.

Affected products

Zoom Communications, Inc Jenkins Marketplace Plugin — versions 0

Weakness classification (CWE)

CWE-549

References

www.zoom.com/en/trust/security-bulletin/zsb-25007/

Frequently asked questions

What is CVE-2025-0148?: CVE-2025-0148 is a low-severity vulnerability in Zoom Communications, Inc Jenkins Marketplace Plugin, classified under CWE-549. CVSS score: 2.6/10. Published 2025-02-03.
How severe is CVE-2025-0148?: Low severity. CVSS v3 base score is 2.6 out of 10.