Lucene search

CVE-2020-2300

🗓️ 04 Nov 2020 15:11:15Reported by jenkinsType

Jenkins Active Directory Plugin 2.19 allows empty password logi

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Github Security Blog	Improper Authentication (empty password) in Jenkins Active Directory Plugin	24 May 202217:33	–	github
OSV	CVE-2020-2300	4 Nov 202015:15	–	osv
OSV	GHSA-8WCW-CW2F-H4G2 Improper Authentication (empty password) in Jenkins Active Directory Plugin	24 May 202217:33	–	osv
Cvelist	CVE-2020-2300	4 Nov 202014:35	–	cvelist
NVD	CVE-2020-2300	4 Nov 202015:15	–	nvd
Prion	Design/Logic Flaw	4 Nov 202015:15	–	prion

Nvd

Node

jenkins active_directoryRange≤2.19jenkins

[
  {
    "product": "Jenkins Active Directory Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "2.19",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "status": "unaffected",
        "version": "2.16.1"
      }
    ]
  }
]

Source	Link
openwall	www.openwall.com/lists/oss-security/2020/11/04/6
jenkins	www.jenkins.io/security/advisory/2020-11-04/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Nov 2020 15:15Current

9.4High risk

Vulners AI Score9.4

CVSS27.5

CVSS39.8

EPSS0.00191