CVE-2023-37943 – org.jenkins-ci.plugins:active-directory

Package

Manager: maven
Name: org.jenkins-ci.plugins:active-directory
Vulnerable Version: >=0 <2.30.1

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00021 pctl0.04099

Details

Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure Jenkins Active Directory Plugin allows testing a new, unsaved configuration by performing a connection test (the button labeled "Test Domain"). Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted. This allows attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active Directory credentials. This only affects the connection test. Connections established during the login process are encrypted if the corresponding TLS option is enabled. Active Directory Plugin 2.30.1 considers the "Require TLS" and "StartTls" options for connection tests.

Metadata

Created: 2023-07-12T18:30:38Z
Modified: 2023-07-20T14:53:01Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/07/GHSA-g8c3-6fj2-87w7/GHSA-g8c3-6fj2-87w7.json
CWE IDs: ["CWE-311"]
Alternative ID: GHSA-g8c3-6fj2-87w7
Finding: F020
Auto approve: 1