Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it.
Metrics
Affected Vendors & Products
References
History
Wed, 09 Jul 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-256 | |
Metrics |
cvssV3_1
|
Wed, 09 Jul 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Jenkins Statistics Gatherer Plugin 2.0.3 and earlier does not mask the AWS Secret Key on the global configuration form, increasing the potential for attackers to observe and capture it. | |
References |
|

Status: PUBLISHED
Assigner: jenkins
Published: 2025-07-09T15:39:29.610Z
Updated: 2025-07-09T19:15:24.586Z
Reserved: 2025-07-08T07:51:59.762Z
Link: CVE-2025-53655

Updated: 2025-07-09T18:50:33.539Z

Status : Awaiting Analysis
Published: 2025-07-09T16:15:24.937
Modified: 2025-07-10T13:17:30.017
Link: CVE-2025-53655

No data.