CVE-2018-1000425

Published: 2019-01-09T23:29Z

Last Modified: 2024-11-21T03:40Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt