5 matches found
CVE-2023-24426
Jenkins Azure AD Plugin 303.va91ef20ee49f and earlier does not invalidate the previous session on login...
CVE-2023-24426
Jenkins Azure AD Plugin 303.va91ef20ee49f and earlier does not invalidate the previous session on login...
CVE-2023-24426
Jenkins Azure AD Plugin 303.va91ef20ee49f and earlier does not invalidate the previous session on login...
CVE-2023-24426
Jenkins Azure AD Plugin 303.va91ef20ee49f and earlier does not invalidate the previous session on login...
CVE-2023-24426
The CVE-2023-24426 entry refers to Jenkins Azure AD Plugin (versions 303.va_91ef20ee49f and earlier) that does not invalidate an existing session on login. This behavior can allow an attacker with social engineering to gain administrator access to Jenkins, per Jenkins advisory notes. The issue is...