CVE-2019-10461

Name of the Vulnerable Software and Affected Versions Jenkins Dynatrace Application Monitoring Plugin versions 2.1.3 and earlier Jenkins Dynatrace Application Monitoring Plugin versions prior to 2.1.4

Description The issue concerns the storage of credentials in the global configuration file on the Jenkins master. Specifically, credentials are stored unencrypted, allowing users with access to the master file system to view them. This affects users with access to the Jenkins master.

Recommendations For versions 2.1.3 and earlier, update to version 2.1.4 or later to resolve the issue. For versions prior to 2.1.4, update to version 2.1.4 or later to resolve the issue.