Free and open-source vulnerability scanner

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

Jenkins Default Credentials (HTTP)

Severity

High

Family

Default Accounts

CVSSv2 Base

7.5

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Solution Type

Mitigation

Created

2 years ago

Modified

2 years ago

Share on Facebook
Share on LinkedIn
Share on Twitter

The remote Jenkins automation server is using known default credentials for the web login.

Insight

The remote Jenkins automation server is lacking a proper password configuration, which makes critical information and actions accessible for people with knowledge of the default credentials. Note: New Jenkins versions are creating / enforcing a strong and random password. But some specific deployments might still use known default credentials.

Detection Method

Tries to login via HTTP using known default credentials.

Solution

Change the default password.

Free and open-source vulnerability scanner

Available for macOS, Windows, and Linux

Jenkins Default Credentials (HTTP)

Information

Severity

Severity

Family

Family

CVSSv2 Base

CVSSv2 Base

CVSSv2 Vector

CVSSv2 Vector

Solution Type

Solution Type

Created

Created

Modified

Modified

Share

Summary

Insight

Insight

Detection Method

Detection Method

Solution

Solution