CVE-2018-1999027

Published: 2018-08-01T13:29Z

Last Modified: 2024-11-21T03:57Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An exposure of sensitive information vulnerability exists in Jenkins SaltStack Plugin 3.1.6 and earlier in SaltAPIBuilder.java, SaltAPIStep.java that allows attackers to capture credentials with a known credentials ID stored in Jenkins. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt