GE Aviation Passwords, Source Code Exposed in Open Jenkins Server

A public Jenkins server owned by GE Aviation has exposed source code, plaintext passwords, global system configuration details and private keys from the company’s internal commercial infrastructure.

GE Aviation, a subsidiary of General Electrics, is among the top commercial aircraft engine suppliers, and offers various airplane components. The server also contained a ReadMe file, outlining all the files it contained and their sensitivity.

Jenkins is an open source automation server written in Java. A misconfiguration in the server’s DNS scheme, which converts human readable domain names into computer readable IP-addresses, caused the impacted server to become exposed to the open internet, according to the company.

Read more at ThreatPost

(Visited 1 times, 1 visits today)

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

Leave a Reply

Latest from Cybersecurity

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!

BEYOND POLITICS.  IT'S ABOUT THE MISSION. 

SIGN UP NOW for FREE News & Analysis on topics of your choice across homeland security!

BEYOND POLITICS.  IT'S ABOUT THE MISSION. 

Go to Top
Malcare WordPress Security