CVE-2025-53673

CVSS v2.0

6.8

Vector

AV:N/AC:L/Au:S/C:C/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Jenkins Sensedia Api Platform Tools Plugin version 1.0

Description: The Jenkins Sensedia Api Platform Tools Plugin stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller. This allows users with access to the Jenkins controller file system to view the token.

Recommendations: Ensure the Jenkins controller file system is adequately secured to prevent unauthorized access.

Fix

Missing Encryption of Sensitive Data

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-311

Related Identifiers

BDU:2025-08554

CVE-2025-53673

GHSA-93J6-JCJW-3RWP

Affected Products

Jenkins Sensedia Api Platform Tools Plugin

CVE-2025-53673

Weakness Enumeration

Related Identifiers

Affected Products

References · 8