Artifactory Insufficiently Protected Credentials Vulnerability - CVE-2018-1000424 - Vulnerability Database

Artifactory Insufficiently Protected Credentials Vulnerability - CVE-2018-1000424

High

Reference: CVE-2018-1000424

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2018-1000424

Title: Artifactory Insufficiently Protected Credentials Vulnerability

Overview:

An insufficiently protected credentials vulnerability exists in Jenkins Artifactory Plugin 2.16.1 and earlier in ArtifactoryBuilder.java CredentialsConfig.java that allows attackers with local file system access to obtain old credentials configured for the plugin before it integrated with Credentials Plugin.