CVE-2020-2150

Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.

Link	Resource
https://jenkins.io/security/advisory/2020-03-09/#SECURITY-1523	Vendor Advisory
http://www.openwall.com/lists/oss-security/2020/03/09/1	Third Party Advisory

Configuration 1

cpe:2.3:a:jenkins:sonar_quality_gates:*:*:*:*:*:jenkins:*:*

---

Published : 2020-03-09 04:15

Updated : 2020-03-09 06:43

---

NVD link : CVE-2020-2150

Mitre link : CVE-2020-2150

No products.

CWE-319

Cleartext Transmission of Sensitive Information