Vulnerability Details CVE-2022-28135
Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2022-28135
-
cpe:2.3:a:jenkins:instant-messaging:-
-
cpe:2.3:a:jenkins:instant-messaging:1.0
-
cpe:2.3:a:jenkins:instant-messaging:1.1
-
cpe:2.3:a:jenkins:instant-messaging:1.10
-
cpe:2.3:a:jenkins:instant-messaging:1.11
-
cpe:2.3:a:jenkins:instant-messaging:1.12
-
cpe:2.3:a:jenkins:instant-messaging:1.13
-
cpe:2.3:a:jenkins:instant-messaging:1.14
-
cpe:2.3:a:jenkins:instant-messaging:1.15
-
cpe:2.3:a:jenkins:instant-messaging:1.16
-
cpe:2.3:a:jenkins:instant-messaging:1.17
-
cpe:2.3:a:jenkins:instant-messaging:1.18
-
cpe:2.3:a:jenkins:instant-messaging:1.19
-
cpe:2.3:a:jenkins:instant-messaging:1.2
-
cpe:2.3:a:jenkins:instant-messaging:1.20
-
cpe:2.3:a:jenkins:instant-messaging:1.21
-
cpe:2.3:a:jenkins:instant-messaging:1.22
-
cpe:2.3:a:jenkins:instant-messaging:1.23
-
cpe:2.3:a:jenkins:instant-messaging:1.24
-
cpe:2.3:a:jenkins:instant-messaging:1.25
-
cpe:2.3:a:jenkins:instant-messaging:1.26
-
cpe:2.3:a:jenkins:instant-messaging:1.27
-
cpe:2.3:a:jenkins:instant-messaging:1.28
-
cpe:2.3:a:jenkins:instant-messaging:1.29
-
cpe:2.3:a:jenkins:instant-messaging:1.3
-
cpe:2.3:a:jenkins:instant-messaging:1.30
-
cpe:2.3:a:jenkins:instant-messaging:1.31
-
cpe:2.3:a:jenkins:instant-messaging:1.32
-
cpe:2.3:a:jenkins:instant-messaging:1.33
-
cpe:2.3:a:jenkins:instant-messaging:1.34
-
cpe:2.3:a:jenkins:instant-messaging:1.35
-
cpe:2.3:a:jenkins:instant-messaging:1.36
-
cpe:2.3:a:jenkins:instant-messaging:1.37
-
cpe:2.3:a:jenkins:instant-messaging:1.38
-
cpe:2.3:a:jenkins:instant-messaging:1.39
-
cpe:2.3:a:jenkins:instant-messaging:1.4
-
cpe:2.3:a:jenkins:instant-messaging:1.40
-
cpe:2.3:a:jenkins:instant-messaging:1.41
-
cpe:2.3:a:jenkins:instant-messaging:1.5
-
cpe:2.3:a:jenkins:instant-messaging:1.6
-
cpe:2.3:a:jenkins:instant-messaging:1.7
-
cpe:2.3:a:jenkins:instant-messaging:1.8
-
cpe:2.3:a:jenkins:instant-messaging:1.9