All the vulnerabilites related to Jenkins project - Jenkins OpenId Connect Authentication Plugin
cve-2024-47807
Vulnerability from cvelistv5
Published
2024-10-02 15:35
Modified
2024-10-02 16:38
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20(2) | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jenkins_project:jenkins_openid_connect_authentication_plugin:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jenkins_openid_connect_authentication_plugin",
"vendor": "jenkins_project",
"versions": [
{
"lessThanOrEqual": "4.354.v321ce67a_1de8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-47807",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T16:29:40.834845Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:38:55.789Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "4.354.v321ce67a_1de8",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins."
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T15:35:04.941Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2024-10-02",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20(2)"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2024-47807",
"datePublished": "2024-10-02T15:35:04.941Z",
"dateReserved": "2024-10-01T20:59:52.484Z",
"dateUpdated": "2024-10-02T16:38:55.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-50770
Vulnerability from cvelistv5
Published
2023-12-13 17:30
Modified
2024-08-02 22:23
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:23:43.692Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Jenkins Security Advisory 2023-12-13",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3168"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 2.6 and earlier stores a password of a local user account used as an anti-lockout feature in a recoverable format, allowing attackers with access to the Jenkins controller file system to recover the plain text password of that account, likely gaining administrator access to Jenkins."
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T17:30:17.513Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2023-12-13",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3168"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2023-50770",
"datePublished": "2023-12-13T17:30:17.513Z",
"dateReserved": "2023-12-13T13:06:36.477Z",
"dateUpdated": "2024-08-02T22:23:43.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-50771
Vulnerability from cvelistv5
Published
2023-12-13 17:30
Modified
2024-08-02 22:23
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T22:23:43.598Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Jenkins Security Advisory 2023-12-13",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-2979"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "2.6",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 2.6 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins, allowing attackers to perform phishing attacks."
}
],
"providerMetadata": {
"dateUpdated": "2023-12-13T17:30:18.172Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2023-12-13",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-2979"
},
{
"url": "http://www.openwall.com/lists/oss-security/2023/12/13/4"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2023-50771",
"datePublished": "2023-12-13T17:30:18.172Z",
"dateReserved": "2023-12-13T13:06:36.477Z",
"dateUpdated": "2024-08-02T22:23:43.598Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-47806
Vulnerability from cvelistv5
Published
2024-10-02 15:35
Modified
2024-10-02 16:37
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20(1) | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jenkins_project:jenkins_openid_connect_authentication_plugin:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jenkins_openid_connect_authentication_plugin",
"vendor": "jenkins_project",
"versions": [
{
"lessThanOrEqual": "4.354.v321ce67a_1de8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-47806",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T16:30:02.903460Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T16:37:13.218Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "4.354.v321ce67a_1de8",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins."
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T15:35:04.269Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2024-10-02",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20(1)"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2024-47806",
"datePublished": "2024-10-02T15:35:04.269Z",
"dateReserved": "2024-10-01T20:59:52.484Z",
"dateUpdated": "2024-10-02T16:37:13.218Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-52553
Vulnerability from cvelistv5
Published
2024-11-13 20:53
Modified
2024-11-13 21:38
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3473 | vendor-advisory |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:jenkins:openid:-:*:*:*:*:jenkins:*:*"
],
"defaultStatus": "unknown",
"product": "openid",
"vendor": "jenkins",
"versions": [
{
"lessThanOrEqual": "4.418.vccc7061f5b_6d",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-52553",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-13T21:38:03.003277Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-613",
"description": "CWE-613 Insufficient Session Expiration",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T21:38:06.118Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "4.418.vccc7061f5b_6d",
"status": "affected",
"version": "0",
"versionType": "maven"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login."
}
],
"providerMetadata": {
"dateUpdated": "2024-11-13T20:53:02.980Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"name": "Jenkins Security Advisory 2024-11-13",
"tags": [
"vendor-advisory"
],
"url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3473"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2024-52553",
"datePublished": "2024-11-13T20:53:02.980Z",
"dateReserved": "2024-11-12T15:28:28.980Z",
"dateUpdated": "2024-11-13T21:38:06.118Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-24424
Vulnerability from cvelistv5
Published
2023-01-24 00:00
Modified
2024-08-02 10:56
Severity ?
EPSS score ?
Summary
Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login.
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins Project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:56:03.791Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2978"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins Project",
"versions": [
{
"lessThanOrEqual": "2.4",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not invalidate the previous session on login."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T12:48:12.723Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2978"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2023-24424",
"datePublished": "2023-01-24T00:00:00",
"dateReserved": "2023-01-23T00:00:00",
"dateUpdated": "2024-08-02T10:56:03.791Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2019-1003021
Vulnerability from cvelistv5
Published
2019-02-06 16:00
Modified
2024-09-17 01:21
Severity ?
EPSS score ?
Summary
An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.
References
| ▼ | URL | Tags |
|---|---|---|
| https://jenkins.io/security/advisory/2019-01-28/#SECURITY-886 | x_refsource_CONFIRM |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Jenkins project | Jenkins OpenId Connect Authentication Plugin |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.431Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-886"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Jenkins OpenId Connect Authentication Plugin",
"vendor": "Jenkins project",
"versions": [
{
"status": "affected",
"version": "1.4 and earlier"
}
]
}
],
"dateAssigned": "2019-02-06T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator\u0027s web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret."
}
],
"providerMetadata": {
"dateUpdated": "2023-10-24T16:44:54.536Z",
"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"shortName": "jenkins"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-886"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"DATE_ASSIGNED": "2019-02-06T02:59:03.180484",
"ID": "CVE-2019-1003021",
"REQUESTER": "ml@beckweb.net",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Jenkins OpenId Connect Authentication Plugin",
"version": {
"version_data": [
{
"version_value": "1.4 and earlier"
}
]
}
}
]
},
"vendor_name": "Jenkins project"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator\u0027s web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-549"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-886",
"refsource": "CONFIRM",
"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-886"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
"assignerShortName": "jenkins",
"cveId": "CVE-2019-1003021",
"datePublished": "2019-02-06T16:00:00Z",
"dateReserved": "2019-02-06T00:00:00Z",
"dateUpdated": "2024-09-17T01:21:38.210Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}