Lucene search

GoogleOSV:GHSA-6V6H-RW43-97FH

HistoryMay 16, 2023 - 6:30 p.m.

Jenkins SAML Single Sign On(SSO) Plugin missing hostname validation

2023-05-1618:30:16

Google

osv.dev

jenkins

saml

single sign on

plugin

hostname validation

mitm attack

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

18.3%

JSON

Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata.

This lack of validation could be abused using a man-in-the-middle attack to intercept these connections.

SAML Single Sign On(SSO) Plugin 2.1.0 performs hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata.

References

nvd.nist.gov/vuln/detail/CVE-2023-32993

www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)

CVSS3

4.8

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS

0.001

Percentile

18.3%

JSON

Related for OSV:GHSA-6V6H-RW43-97FH