CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000176

An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 28.6%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

Products affected by CVE-2018-1000176

Jenkins » Email Extension » Version: 1.0

cpe:2.3:a:jenkins:email_extension:1.0
Jenkins » Email Extension » Version: 1.1

cpe:2.3:a:jenkins:email_extension:1.1
Jenkins » Email Extension » Version: 1.2

cpe:2.3:a:jenkins:email_extension:1.2
Jenkins » Email Extension » Version: 2.0

cpe:2.3:a:jenkins:email_extension:2.0
Jenkins » Email Extension » Version: 2.1

cpe:2.3:a:jenkins:email_extension:2.1
Jenkins » Email Extension » Version: 2.10

cpe:2.3:a:jenkins:email_extension:2.10
Jenkins » Email Extension » Version: 2.11

cpe:2.3:a:jenkins:email_extension:2.11
Jenkins » Email Extension » Version: 2.12

cpe:2.3:a:jenkins:email_extension:2.12
Jenkins » Email Extension » Version: 2.13

cpe:2.3:a:jenkins:email_extension:2.13
Jenkins » Email Extension » Version: 2.14

cpe:2.3:a:jenkins:email_extension:2.14
Jenkins » Email Extension » Version: 2.14.1

cpe:2.3:a:jenkins:email_extension:2.14.1
Jenkins » Email Extension » Version: 2.15

cpe:2.3:a:jenkins:email_extension:2.15
Jenkins » Email Extension » Version: 2.16

cpe:2.3:a:jenkins:email_extension:2.16
Jenkins » Email Extension » Version: 2.17

cpe:2.3:a:jenkins:email_extension:2.17
Jenkins » Email Extension » Version: 2.18

cpe:2.3:a:jenkins:email_extension:2.18
Jenkins » Email Extension » Version: 2.19

cpe:2.3:a:jenkins:email_extension:2.19
Jenkins » Email Extension » Version: 2.2

cpe:2.3:a:jenkins:email_extension:2.2
Jenkins » Email Extension » Version: 2.2.1

cpe:2.3:a:jenkins:email_extension:2.2.1
Jenkins » Email Extension » Version: 2.20

cpe:2.3:a:jenkins:email_extension:2.20
Jenkins » Email Extension » Version: 2.21

cpe:2.3:a:jenkins:email_extension:2.21
Jenkins » Email Extension » Version: 2.22

cpe:2.3:a:jenkins:email_extension:2.22
Jenkins » Email Extension » Version: 2.24

cpe:2.3:a:jenkins:email_extension:2.24
Jenkins » Email Extension » Version: 2.24.1

cpe:2.3:a:jenkins:email_extension:2.24.1
Jenkins » Email Extension » Version: 2.25

cpe:2.3:a:jenkins:email_extension:2.25
Jenkins » Email Extension » Version: 2.27

cpe:2.3:a:jenkins:email_extension:2.27
Jenkins » Email Extension » Version: 2.27.1

cpe:2.3:a:jenkins:email_extension:2.27.1
Jenkins » Email Extension » Version: 2.28

cpe:2.3:a:jenkins:email_extension:2.28
Jenkins » Email Extension » Version: 2.29

cpe:2.3:a:jenkins:email_extension:2.29
Jenkins » Email Extension » Version: 2.3

cpe:2.3:a:jenkins:email_extension:2.3
Jenkins » Email Extension » Version: 2.30

cpe:2.3:a:jenkins:email_extension:2.30
Jenkins » Email Extension » Version: 2.30.1

cpe:2.3:a:jenkins:email_extension:2.30.1
Jenkins » Email Extension » Version: 2.30.2

cpe:2.3:a:jenkins:email_extension:2.30.2
Jenkins » Email Extension » Version: 2.31

cpe:2.3:a:jenkins:email_extension:2.31
Jenkins » Email Extension » Version: 2.32

cpe:2.3:a:jenkins:email_extension:2.32
Jenkins » Email Extension » Version: 2.33

cpe:2.3:a:jenkins:email_extension:2.33
Jenkins » Email Extension » Version: 2.34

cpe:2.3:a:jenkins:email_extension:2.34
Jenkins » Email Extension » Version: 2.35

cpe:2.3:a:jenkins:email_extension:2.35
Jenkins » Email Extension » Version: 2.35.1

cpe:2.3:a:jenkins:email_extension:2.35.1
Jenkins » Email Extension » Version: 2.36

cpe:2.3:a:jenkins:email_extension:2.36
Jenkins » Email Extension » Version: 2.37

cpe:2.3:a:jenkins:email_extension:2.37
Jenkins » Email Extension » Version: 2.37.1

cpe:2.3:a:jenkins:email_extension:2.37.1
Jenkins » Email Extension » Version: 2.37.2

cpe:2.3:a:jenkins:email_extension:2.37.2
Jenkins » Email Extension » Version: 2.37.2.2

cpe:2.3:a:jenkins:email_extension:2.37.2.2
Jenkins » Email Extension » Version: 2.38

cpe:2.3:a:jenkins:email_extension:2.38
Jenkins » Email Extension » Version: 2.38.1

cpe:2.3:a:jenkins:email_extension:2.38.1
Jenkins » Email Extension » Version: 2.38.2

cpe:2.3:a:jenkins:email_extension:2.38.2
Jenkins » Email Extension » Version: 2.39

cpe:2.3:a:jenkins:email_extension:2.39
Jenkins » Email Extension » Version: 2.39.2

cpe:2.3:a:jenkins:email_extension:2.39.2
Jenkins » Email Extension » Version: 2.39.3

cpe:2.3:a:jenkins:email_extension:2.39.3
Jenkins » Email Extension » Version: 2.4

cpe:2.3:a:jenkins:email_extension:2.4
Jenkins » Email Extension » Version: 2.40

cpe:2.3:a:jenkins:email_extension:2.40
Jenkins » Email Extension » Version: 2.40.1

cpe:2.3:a:jenkins:email_extension:2.40.1
Jenkins » Email Extension » Version: 2.40.2

cpe:2.3:a:jenkins:email_extension:2.40.2
Jenkins » Email Extension » Version: 2.40.3

cpe:2.3:a:jenkins:email_extension:2.40.3
Jenkins » Email Extension » Version: 2.40.4

cpe:2.3:a:jenkins:email_extension:2.40.4
Jenkins » Email Extension » Version: 2.40.5

cpe:2.3:a:jenkins:email_extension:2.40.5
Jenkins » Email Extension » Version: 2.41

cpe:2.3:a:jenkins:email_extension:2.41
Jenkins » Email Extension » Version: 2.41.2

cpe:2.3:a:jenkins:email_extension:2.41.2
Jenkins » Email Extension » Version: 2.41.3

cpe:2.3:a:jenkins:email_extension:2.41.3
Jenkins » Email Extension » Version: 2.42

cpe:2.3:a:jenkins:email_extension:2.42
Jenkins » Email Extension » Version: 2.43

cpe:2.3:a:jenkins:email_extension:2.43
Jenkins » Email Extension » Version: 2.44

cpe:2.3:a:jenkins:email_extension:2.44
Jenkins » Email Extension » Version: 2.45

cpe:2.3:a:jenkins:email_extension:2.45
Jenkins » Email Extension » Version: 2.46

cpe:2.3:a:jenkins:email_extension:2.46
Jenkins » Email Extension » Version: 2.47

cpe:2.3:a:jenkins:email_extension:2.47
Jenkins » Email Extension » Version: 2.48

cpe:2.3:a:jenkins:email_extension:2.48
Jenkins » Email Extension » Version: 2.49

cpe:2.3:a:jenkins:email_extension:2.49
Jenkins » Email Extension » Version: 2.5

cpe:2.3:a:jenkins:email_extension:2.5
Jenkins » Email Extension » Version: 2.50

cpe:2.3:a:jenkins:email_extension:2.50
Jenkins » Email Extension » Version: 2.51

cpe:2.3:a:jenkins:email_extension:2.51
Jenkins » Email Extension » Version: 2.52

cpe:2.3:a:jenkins:email_extension:2.52
Jenkins » Email Extension » Version: 2.53

cpe:2.3:a:jenkins:email_extension:2.53
Jenkins » Email Extension » Version: 2.54

cpe:2.3:a:jenkins:email_extension:2.54
Jenkins » Email Extension » Version: 2.55

cpe:2.3:a:jenkins:email_extension:2.55
Jenkins » Email Extension » Version: 2.56

cpe:2.3:a:jenkins:email_extension:2.56
Jenkins » Email Extension » Version: 2.57

cpe:2.3:a:jenkins:email_extension:2.57
Jenkins » Email Extension » Version: 2.57.1

cpe:2.3:a:jenkins:email_extension:2.57.1
Jenkins » Email Extension » Version: 2.57.2

cpe:2.3:a:jenkins:email_extension:2.57.2
Jenkins » Email Extension » Version: 2.58

cpe:2.3:a:jenkins:email_extension:2.58
Jenkins » Email Extension » Version: 2.59

cpe:2.3:a:jenkins:email_extension:2.59
Jenkins » Email Extension » Version: 2.6

cpe:2.3:a:jenkins:email_extension:2.6
Jenkins » Email Extension » Version: 2.60

cpe:2.3:a:jenkins:email_extension:2.60
Jenkins » Email Extension » Version: 2.61

cpe:2.3:a:jenkins:email_extension:2.61
Jenkins » Email Extension » Version: 2.7

cpe:2.3:a:jenkins:email_extension:2.7
Jenkins » Email Extension » Version: 2.8

cpe:2.3:a:jenkins:email_extension:2.8
Jenkins » Email Extension » Version: 2.9

cpe:2.3:a:jenkins:email_extension:2.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000176

Products

Pricing

Contact Us