CVE-2023-40339
CVSS 3.1 Score 7.5 of 10 (high)
Details
Published Aug 16, 2023
Updated: Aug 22, 2023
Summary
CVE-2023-40339 is a vulnerability affecting the Jenkins Config File Provider Plugin version 952 and earlier. This issue exposes a security risk as the plugin does not mask credentials specified in configuration files when they're written to the build log. As a result, sensitive information can be exposed to unauthorized users, potentially leading to unauthorized access or data breaches. It is strongly recommended that users upgrade to the latest version of the plugin to mitigate this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Jenkins Config File Provider