Lucene search

GitHub Advisory DatabaseGHSA-6V6H-RW43-97FH

HistoryMay 16, 2023 - 6:30 p.m.

Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation

2023-05-1618:30:16

CWE-345

GitHub Advisory Database

github.com

jenkins

saml

single sign on

security

plugin

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

18.3%

JSON

Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata.

This lack of validation could be abused using a man-in-the-middle attack to intercept these connections.

SAML Single Sign On(SSO) Plugin 2.1.0 performs hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata.

Affected configurations

Vulners

Node

io.jenkins.pluginsminiorange-saml-spRange<2.1.0

VendorProductVersionCPE
io.jenkins.pluginsminiorange-saml-sp*cpe:2.3:a:io.jenkins.plugins:miniorange-saml-sp:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
io.jenkins.plugins	miniorange-saml-sp	*	cpe:2.3:a:io.jenkins.plugins:miniorange-saml-sp::::::::

References

github.com/advisories/GHSA-6v6h-rw43-97fh

nvd.nist.gov/vuln/detail/CVE-2023-32993

www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

18.3%

JSON

Related for GHSA-6V6H-RW43-97FH