-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:appdynamics-dashboard | maven | <= 1.0.14 | 1.0.15 |
Miggo AIRoot Cause AnalysisThe vulnerability centers on plaintext credential handling in two phases: storage (config.xml) and transmission (web UI). The NVD explicitly calls out AppDynamicsResultsPublisher.java as the vulnerable location. The getPassword() method would be the direct source of credential exposure during job configuration rendering, while the DescriptorImpl.configure() method would handle insecure persistence. These align with the advisory's description of credentials being stored unencrypted and transmitted plainly.