CVE-2019-1003052

Name of the Vulnerable Software and Affected Versions: Jenkins AWS Elastic Beanstalk Publisher Plugin (affected versions not specified)

Description: The issue concerns the storage of credentials in an unencrypted manner within the global configuration file on the Jenkins master or controller. Specifically, the credentials are stored in the org.jenkinsci.plugins.awsbeanstalkpublisher.AWSEBPublisher.xml file. Users with access to the Jenkins controller or master file system can view these credentials.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.