CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000425

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 14.0%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 2.1

References

Products affected by CVE-2018-1000425

Sonarsource » Sonarqube Scanner » Version: N/A

cpe:2.3:a:sonarsource:sonarqube_scanner:-
Sonarsource » Sonarqube Scanner » Version: 0.1

cpe:2.3:a:sonarsource:sonarqube_scanner:0.1
Sonarsource » Sonarqube Scanner » Version: 0.2

cpe:2.3:a:sonarsource:sonarqube_scanner:0.2
Sonarsource » Sonarqube Scanner » Version: 1.0

cpe:2.3:a:sonarsource:sonarqube_scanner:1.0
Sonarsource » Sonarqube Scanner » Version: 1.0.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.0.1
Sonarsource » Sonarqube Scanner » Version: 1.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.1
Sonarsource » Sonarqube Scanner » Version: 1.2

cpe:2.3:a:sonarsource:sonarqube_scanner:1.2
Sonarsource » Sonarqube Scanner » Version: 1.2.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.2.1
Sonarsource » Sonarqube Scanner » Version: 1.2.2

cpe:2.3:a:sonarsource:sonarqube_scanner:1.2.2
Sonarsource » Sonarqube Scanner » Version: 1.3

cpe:2.3:a:sonarsource:sonarqube_scanner:1.3
Sonarsource » Sonarqube Scanner » Version: 1.3.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.3.1
Sonarsource » Sonarqube Scanner » Version: 1.4

cpe:2.3:a:sonarsource:sonarqube_scanner:1.4
Sonarsource » Sonarqube Scanner » Version: 1.5

cpe:2.3:a:sonarsource:sonarqube_scanner:1.5
Sonarsource » Sonarqube Scanner » Version: 1.6

cpe:2.3:a:sonarsource:sonarqube_scanner:1.6
Sonarsource » Sonarqube Scanner » Version: 1.6.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.6.1
Sonarsource » Sonarqube Scanner » Version: 1.7

cpe:2.3:a:sonarsource:sonarqube_scanner:1.7
Sonarsource » Sonarqube Scanner » Version: 1.7.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.7.1
Sonarsource » Sonarqube Scanner » Version: 1.7.2

cpe:2.3:a:sonarsource:sonarqube_scanner:1.7.2
Sonarsource » Sonarqube Scanner » Version: 1.8

cpe:2.3:a:sonarsource:sonarqube_scanner:1.8
Sonarsource » Sonarqube Scanner » Version: 1.8.1

cpe:2.3:a:sonarsource:sonarqube_scanner:1.8.1
Sonarsource » Sonarqube Scanner » Version: 2.0

cpe:2.3:a:sonarsource:sonarqube_scanner:2.0
Sonarsource » Sonarqube Scanner » Version: 2.0.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.0.1
Sonarsource » Sonarqube Scanner » Version: 2.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.1
Sonarsource » Sonarqube Scanner » Version: 2.2

cpe:2.3:a:sonarsource:sonarqube_scanner:2.2
Sonarsource » Sonarqube Scanner » Version: 2.2.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.2.1
Sonarsource » Sonarqube Scanner » Version: 2.3

cpe:2.3:a:sonarsource:sonarqube_scanner:2.3
Sonarsource » Sonarqube Scanner » Version: 2.4

cpe:2.3:a:sonarsource:sonarqube_scanner:2.4
Sonarsource » Sonarqube Scanner » Version: 2.4.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.4.1
Sonarsource » Sonarqube Scanner » Version: 2.4.2

cpe:2.3:a:sonarsource:sonarqube_scanner:2.4.2
Sonarsource » Sonarqube Scanner » Version: 2.4.3

cpe:2.3:a:sonarsource:sonarqube_scanner:2.4.3
Sonarsource » Sonarqube Scanner » Version: 2.4.4

cpe:2.3:a:sonarsource:sonarqube_scanner:2.4.4
Sonarsource » Sonarqube Scanner » Version: 2.5

cpe:2.3:a:sonarsource:sonarqube_scanner:2.5
Sonarsource » Sonarqube Scanner » Version: 2.6

cpe:2.3:a:sonarsource:sonarqube_scanner:2.6
Sonarsource » Sonarqube Scanner » Version: 2.6.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.6.1
Sonarsource » Sonarqube Scanner » Version: 2.7

cpe:2.3:a:sonarsource:sonarqube_scanner:2.7
Sonarsource » Sonarqube Scanner » Version: 2.7.1

cpe:2.3:a:sonarsource:sonarqube_scanner:2.7.1
Sonarsource » Sonarqube Scanner » Version: 2.8

cpe:2.3:a:sonarsource:sonarqube_scanner:2.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000425

Products

Pricing

Contact Us