Miggo Logo
Miggo Vulnerability Database
CVE-2019-10366

CVE-2019-10366: Skytap Cloud CI Plugin stored credentials in plain text

6.5

CVSS Score
3.1

Basic Information

CVE ID
CVE-2019-10366
GHSA ID
GHSA-vp26-4hj6-jrvx
EPSS Score
0.3905%
CWE
CWE-522
Published
5/24/2022
Updated
12/14/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.jenkins-ci.plugins:skytapmaven<= 2.062.07

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from handling credentials as plaintext strings rather than encrypted secrets. The commit shows critical changes:

  1. SkytapBuildWrapper's authKey field changed from String to Secret type, with getAuthKey() modified to use Secret.toString
  2. CreatePublishURLStep's urlPassword field changed from String to Secret type, with associated constructor and getter modifications
  3. The RequirePasswordBlock constructor parameter changed from String to Secret for password storage These functions directly handled sensitive credentials without encryption in vulnerable versions, as evidenced by the patch replacing String with Jenkins' Secret class for proper credential handling.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins Skyt*p *lou* *I Plu*in *.** *n* **rli*r stor** *r***nti*ls un*n*rypt** in jo* *on*i*.xml *il*s on t** J*nkins m*st*r w**r* t**y *oul* ** vi*w** *y us*rs wit* *xt*n*** R*** p*rmission, or ****ss to t** m*st*r *il* syst*m.

Reasoning

T** vuln*r**ility st*ms *rom **n*lin* *r***nti*ls *s pl*int*xt strin*s r*t**r t**n *n*rypt** s**r*ts. T** *ommit s*ows *riti**l ***n**s: *. Skyt*p*uil*Wr*pp*r's *ut*K*y *i*l* ***n*** *rom Strin* to S**r*t typ*, wit* **t*ut*K*y() mo*i*i** to us* S**r