CVE-2025-53650

Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlier does not properly mask (i.e., replace with asterisks) credentials present in exception error messages that are written to the build log.

CVSS v3 7.3 HIGH

7.3^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 3.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3499	Vendor Advisory
http://www.openwall.com/lists/oss-security/2025/07/09/4

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:credentials_binding:*:*:*:*:*:jenkins:*:*

History

04 Nov 2025, 22:16

Type	Values Removed	Values Added
References		() http://www.openwall.com/lists/oss-security/2025/07/09/4 -

18 Jul 2025, 18:00

Type	Values Removed	Values Added
First Time		Jenkins credentials Binding Jenkins
CWE		CWE-522
CPE		cpe:2.3:a:jenkins:credentials_binding::::::jenkins::*
References	~~() https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3499 -~~	() https://www.jenkins.io/security/advisory/2025-07-09/#SECURITY-3499 - Vendor Advisory

10 Jul 2025, 13:17

Type	Values Removed	Values Added
Summary		(es) Jenkins Credentials Binding Plugin 687.v619cb_15e923f y anteriores no enmascaran correctamente (es decir, no reemplazan con asteriscos) las credenciales presentes en los mensajes de error de excepción que se escriben en el registro de compilación.

09 Jul 2025, 21:15

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.3

09 Jul 2025, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-09 16:15

Updated : 2025-11-04 22:16

NVD link : CVE-2025-53650

Mitre link : CVE-2025-53650

CVE.ORG link : CVE-2025-53650

JSON object : View

Products Affected

jenkins

credentials_binding

CWE

CWE-522

Insufficiently Protected Credentials

7.3 /10