PT-2025-28926 · Jenkins · Jenkins Sensedia Api Platform Tools Plugin+1
Romuald Moisan
·
Published
2025-07-09
·
Updated
2025-07-10
·
CVE-2025-53674
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Jenkins Sensedia Api Platform Tools Plugin version 1.0
Description:
The Jenkins Sensedia Api Platform Tools Plugin does not mask the Sensedia API Manager integration token on the global configuration form, potentially allowing attackers to observe and capture it.
Recommendations:
Ensure the Sensedia API Manager integration token on the global configuration form is properly masked.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Jenkins
Jenkins Sensedia Api Platform Tools Plugin