How severe is CVE-2023-24454?

CVE-2023-24454 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2023-24454

Name: testquality_updater
Author: jenkins

5.5MEDIUM

Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with a

Publicado: 1/26/2023Actualizado: 4/2/2025

Descripción

Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality Updater password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

Análisis IAImpulsado por IA

Productos Afectados

jenkinstestquality_updater

Referencias

https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2091
Vendor Advisory
https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2091
Vendor Advisory