Vulnerability Details CVE-2023-30514
Jenkins Azure Key Vault Plugin 187.va_cd5fecd198a_ and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.3%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-30514
-
cpe:2.3:a:jenkins:azure_key_vault:1.0.0
-
cpe:2.3:a:jenkins:azure_key_vault:1.1
-
cpe:2.3:a:jenkins:azure_key_vault:1.2
-
cpe:2.3:a:jenkins:azure_key_vault:1.3
-
cpe:2.3:a:jenkins:azure_key_vault:1.4
-
cpe:2.3:a:jenkins:azure_key_vault:1.5
-
cpe:2.3:a:jenkins:azure_key_vault:1.6
-
cpe:2.3:a:jenkins:azure_key_vault:1.7
-
cpe:2.3:a:jenkins:azure_key_vault:1.8
-
cpe:2.3:a:jenkins:azure_key_vault:1.9
-
cpe:2.3:a:jenkins:azure_key_vault:187.va_cd5fecd198a
-
cpe:2.3:a:jenkins:azure_key_vault:2.0
-
cpe:2.3:a:jenkins:azure_key_vault:2.1