2 matches found
CVE-2020-2301
Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode...
CVE-2020-2301
The CVE-2020-2301 issue affects Jenkins Active Directory Plugin (versions 2.19 and earlier). In Windows/ADSI mode, the plugin’s authentication cache could cause a login to be successful for any user with any password because the provided password was not validated when a cache entry existed. This...