Jenkins Apica Loadtest Plugin 1.10 and earlier does not mask Apica Loadtest LTP authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
History

Thu, 10 Jul 2025 20:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Wed, 09 Jul 2025 20:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-256
Metrics cvssV3_1

{'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N'}


Wed, 09 Jul 2025 15:45:00 +0000

Type Values Removed Values Added
Description Jenkins Apica Loadtest Plugin 1.10 and earlier does not mask Apica Loadtest LTP authentication tokens displayed on the job configuration form, increasing the potential for attackers to observe and capture them.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2025-07-09T15:39:35.465Z

Updated: 2025-07-09T19:14:18.034Z

Reserved: 2025-07-08T07:51:59.763Z

Link: CVE-2025-53665

cve-icon Vulnrichment

Updated: 2025-07-09T18:49:02.458Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-09T16:15:25.937

Modified: 2025-07-10T13:17:30.017

Link: CVE-2025-53665

cve-icon Redhat

No data.