CVE-2025-53674

MEDIUM

Jenkins Sensedia Api Platform tools Plugin 1.0 - Info Disclosure

Title source: llm
STIX 2.1

Description

Jenkins Sensedia Api Platform tools Plugin 1.0 does not mask the Sensedia API Manager integration token on the global configuration form, increasing the potential for attackers to observe and capture it.

References (2)

Scores

CVSS v3 5.3
EPSS 0.0004
EPSS Percentile 13.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-256
Status published
Products (2)
jenkins/sensedia_api_platform_tools 1.0
org.jenkins-ci.plugins/sensedia-api-platform 0Maven
Published Jul 09, 2025
Tracked Since Feb 18, 2026