VIR Vulnerability Intelligence Relay

CVE-2013-6372

low
Published 2014-05-08 ยท Modified 2025-03-13
๐Ÿ’ฌ Discuss on Community โœš Propose mitigation
CVSS v3
โ€”
CVSS v4 NEW
โ€”
not yet in upstream
VIR risk
2.1

Description

Jenkins Subversion Plugin Stores Credentials with Base64 Encoding

Predictions

Exploit likelihood
20%
Patch ETA
โ€”

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.

The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ€” if you've already worked around this in production โ€” publish your fix to the community-verified tier.

โœš Propose a mitigation on Community โ†’ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here with source_tier=community-verified.

Package impact
EcosystemPackageVulnerableFixed
java Mavenorg.jenkins-ci.plugins:subversion<1.541.54

Application impact
VendorProductVersionsFixed
jenkins-cisubversion-plugin{"endIncluding":"1.53"}
jenkins-cisubversion-plugin1.0
jenkins-cisubversion-plugin1.1
jenkins-cisubversion-plugin1.2
jenkins-cisubversion-plugin1.3
jenkins-cisubversion-plugin1.4
jenkins-cisubversion-plugin1.5
jenkins-cisubversion-plugin1.6
jenkins-cisubversion-plugin1.7
jenkins-cisubversion-plugin1.8
jenkins-cisubversion-plugin1.9
jenkins-cisubversion-plugin1.10
jenkins-cisubversion-plugin1.11
jenkins-cisubversion-plugin1.12
jenkins-cisubversion-plugin1.13
jenkins-cisubversion-plugin1.14
jenkins-cisubversion-plugin1.15
jenkins-cisubversion-plugin1.16
jenkins-cisubversion-plugin1.17
jenkins-cisubversion-plugin1.18
jenkins-cisubversion-plugin1.19
jenkins-cisubversion-plugin1.20
jenkins-cisubversion-plugin1.21
jenkins-cisubversion-plugin1.22
jenkins-cisubversion-plugin1.23
jenkins-cisubversion-plugin1.24
jenkins-cisubversion-plugin1.25
jenkins-cisubversion-plugin1.26
jenkins-cisubversion-plugin1.27
jenkins-cisubversion-plugin1.28
jenkins-cisubversion-plugin1.29
jenkins-cisubversion-plugin1.30
jenkins-cisubversion-plugin1.31
jenkins-cisubversion-plugin1.32
jenkins-cisubversion-plugin1.33
jenkins-cisubversion-plugin1.34
jenkins-cisubversion-plugin1.35
jenkins-cisubversion-plugin1.36
jenkins-cisubversion-plugin1.37
jenkins-cisubversion-plugin1.38
jenkins-cisubversion-plugin1.39
jenkins-cisubversion-plugin1.40
jenkins-cisubversion-plugin1.41
jenkins-cisubversion-plugin1.42
jenkins-cisubversion-plugin1.43
jenkins-cisubversion-plugin1.44
jenkins-cisubversion-plugin1.45
jenkins-cisubversion-plugin1.46
jenkins-cisubversion-plugin1.47
jenkins-cisubversion-plugin1.48
jenkins-cisubversion-plugin1.49
jenkins-cisubversion-plugin1.50
jenkins-cisubversion-plugin1.51
jenkins-cisubversion-plugin1.52

References

CWEs

CWE-255

Community-verified mitigations for this CVE will appear above when contributors publish them.

Verify integrity in audit chain (admin only). AS-IS.