5.3

CVE-2025-53674

Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
JenkinsSensedia Api Platform Tools Version1.0 SwPlatformjenkins
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.25% 0.162
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 5.3 3.9 1.4
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CWE-256 Plaintext Storage of a Password

The product stores a password in plaintext within resources such as memory or files.

https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3551
Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/07/09/4