Description

Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.

Remediation

References

https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)

Related Vulnerabilities

CVE-2017-7662 Vulnerability in maven package org.apache.cxf.fediz:fediz-cxf

CVE-2022-36917 Vulnerability in maven package org.jenkins-ci.plugins:google-cloud-backup

CVE-2019-10320 Vulnerability in maven package org.jenkins-ci.plugins:credentials

CVE-2022-30973 Vulnerability in maven package org.apache.tika:tika

CVE-2019-1003070 Vulnerability in maven package org.jenkins-ci.plugins:veracode-scanner

Severity

Medium

Classification

CWE-345 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Tags

Vendor Advisory