2 matches found
CVE-2018-1000422
An improper authorization vulnerability exists in Jenkins Crowd 2 Integration Plugin 2.0.0 and earlier in CrowdSecurityRealm.java that allows attackers to have Jenkins perform a connection test, connecting to an attacker-specified server with attacker-specified credentials and connection settings...
CVE-2018-1000422
CVE-2018-1000422 affects Jenkins Crowd 2 Integration Plugin up to version 2.0.0. The vulnerability resides in CrowdSecurityRealm.java and enables an attacker to cause Jenkins to perform a connection test to an attacker‑specified server using attacker‑specified credentials and connection settings....