Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1yZjkyLTN2anItdzYyOM4AAmgK
Improper Authentication in Jenkins Active Directory Plugin
Jenkins Active Directory Plugin implements two separate modes: Integration with ADSI on Windows, and an OS agnostic LDAP-based mode.
The LDAP-based mode in Active Directory Plugin starting in version 1.44 and prior to versions 2.16.1 and 2.20 shares code between user lookup and user authentication and distinguishes these behaviors through the use of a magic constant in place of a real password. This allows attackers to log in as any user if the magic constant is used as the password in Active Directory Plugin prior to 2.16.1 and 2.20.
Active Directory Plugin 2.16.1 and 2.20 no longer use a magic constant to distinguish between user lookup and user authentication.
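The design flaw described above and its fix, as an added illustration in Python (not the plugin's own Java code): a directory that tells user lookup apart from authentication by a sentinel password, beside one that keeps the two operations on separate code paths. The sentinel value, user records and passwords are constructed placeholders.

```python
import hmac

# Constructed placeholder for illustration; this is not the plugin's real constant.
MAGIC_LOOKUP_PASSWORD = "<magic-lookup-constant>"

# Constructed sample directory: username -> password.
USERS = {"alice": "correct horse battery staple", "bob": "hunter2"}


class VulnerableDirectory:
    """Lookup and authentication share one code path, told apart by a sentinel password."""

    def _lookup_or_authenticate(self, username, password):
        stored = USERS.get(username)
        if stored is None:
            return None
        # The sentinel means "just look the user up, do not verify a credential".
        # Nothing distinguishes an internal lookup from a login form that
        # happens to submit the same value, so the check below is the bug.
        if password == MAGIC_LOOKUP_PASSWORD:
            return {"username": username}
        if hmac.compare_digest(stored.encode(), password.encode()):
            return {"username": username}
        return None

    def load_user(self, username):
        return self._lookup_or_authenticate(username, MAGIC_LOOKUP_PASSWORD)

    def authenticate(self, username, password):
        return self._lookup_or_authenticate(username, password) is not None


class FixedDirectory:
    """Lookup and authentication are separate operations; no sentinel exists."""

    def load_user(self, username):
        # Pure lookup: no password is involved at all.
        return {"username": username} if username in USERS else None

    def authenticate(self, username, password):
        stored = USERS.get(username)
        # Reject empty or missing credentials explicitly; an LDAP bind with an
        # empty password can succeed as an anonymous bind, so never forward one.
        if stored is None or not password:
            return False
        return hmac.compare_digest(stored.encode(), password.encode())
```

In the fixed form a credential is only ever compared against the stored one, so no password value can stand in for "skip verification".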
Permalink: https://github.com/advisories/GHSA-rf92-3vjr-w628
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1yZjkyLTN2anItdzYyOM4AAmgK
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Critical
Classification: General
Published: almost 2 years ago
Updated: 4 months ago
CVSS Score: 9.8
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Identifiers: GHSA-rf92-3vjr-w628, CVE-2020-2299
References:
- https://nvd.nist.gov/vuln/detail/CVE-2020-2299
- https://www.jenkins.io/security/advisory/2020-11-04/#SECURITY-2117
- http://www.openwall.com/lists/oss-security/2020/11/04/6
- https://github.com/CVEProject/cvelist/blob/16860a328d970faa6e4350b0fa446f64a52e52ca/2020/2xxx/CVE-2020-2299.json
- https://github.com/jenkinsci/active-directory-plugin/commit/57e78ea7bb96b4e59405f28959ade2d26821163d
- https://github.com/advisories/GHSA-rf92-3vjr-w628
Blast Radius: 1.0
Affected Packages
maven:org.jenkins-ci.plugins:active-directory
Affected Version Ranges: >= 1.44, < 2.16.1; >= 2.17, < 2.20
Fixed in: 2.16.1, 2.20