CVE-2013-6372

Published: May 8, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The Subversion plugin before 1.54 for Jenkins stores credentials using base64 encoding, which allows local users to obtain passwords and SSH private keys by reading a subversion.credentials file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-11-20

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1032391

x_refsource_MISC

https://github.com/jenkinsci/subversion-plugin/commit/7d4562d6f7e40de04bbe29577b51c79f07d05ba6

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-6372

Description

Affected Products

References