Description
Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)
Related Vulnerabilities
CVE-2014-0107 Vulnerability in maven package xalan:xalan
CVE-2022-41930 Vulnerability in maven package org.xwiki.platform:xwiki-platform-user-profile-ui
CVE-2020-2293 Vulnerability in maven package org.jenkins-ci.plugins:persona
CVE-2013-4152 Vulnerability in maven package org.springframework:spring-oxm
CVE-2023-31103 Vulnerability in maven package org.apache.inlong:manager-test