Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1nOGMzLTZmajItODd3N84AA0p2
Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure
Jenkins Active Directory Plugin allows testing a new, unsaved configuration by performing a connection test (the button labeled "Test Domain").
Active Directory Plugin 2.30 and earlier ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted. This allows attackers able to capture network traffic between the Jenkins controller and Active Directory servers to obtain Active Directory credentials.
This only affects the connection test. Connections established during the login process are encrypted if the corresponding TLS option is enabled.
Active Directory Plugin 2.30.1 considers the "Require TLS" and "StartTls" options for connection tests.
Permalink: https://github.com/advisories/GHSA-g8c3-6fj2-87w7JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1nOGMzLTZmajItODd3N84AA0p2
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 10 months ago
Updated: 4 months ago
CVSS Score: 5.9
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Identifiers: GHSA-g8c3-6fj2-87w7, CVE-2023-37943
References:
- https://nvd.nist.gov/vuln/detail/CVE-2023-37943
- https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-3059
- http://www.openwall.com/lists/oss-security/2023/07/12/2
- https://github.com/jenkinsci/active-directory-plugin/commit/549dde617dbcf533e6cabfe8cc148a250a398211
- https://github.com/advisories/GHSA-g8c3-6fj2-87w7
Blast Radius: 1.0
Affected Packages
maven:org.jenkins-ci.plugins:active-directory
Affected Version Ranges: < 2.30.1Fixed in: 2.30.1