NVD

Id
40934  
Name
CVE-2013-5676  
Description
The Jenkins Plugin for SonarQube 3.7 and earlier allows remote authenticated users to obtain sensitive information (cleartext passwords) by reading the value in the sonar.sonarPassword parameter from jenkins/configure.  
Reject
 
CVSS Version
2  
CVSS Score
4  
Severity
Medium  
CVSS Base Score
4  
CVSS Impact Subscore
2.9  
CVSS Exploit Subscore
8  
CVSS Vector
(AV:N/AC:L/Au:S/C:P/I:N/A:N)  
Pub Date
2017-01-18  
Published
2013-12-13  
Modified Date
2013-12-16  
Seq
2013-5676  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
206926 40934 CVE-2013-5676 20131206 [CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23949 JVNDB-2013-005524 SonarQube 用 Jenkins Plugin における重要な情報を取得される脆弱性 SonarQube 用 Jenkins Plugin には、重要な情報 (平文のパスワード) を取得される脆弱性が存在します。 CVE-2013-5676 65618 CVE-2013-5676 40934 4 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005524.html 2013-12-06 2013-12-17 View