CVE-2017-1000245: Jenkins SSH Plugin user passwords for encrypted SSH keys stored in plaintext

Severity: Critical

CVSS Score: 9.8

The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH keys are stored in plaintext in a configuration file.