Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins active directory vulnerabilities and exploits
(subscribe to this query)
516
VMScore
CVE-2019-1003009
An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and previous versions in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java, src/...
Jenkins Active Directory
383
VMScore
CVE-2020-2303
A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and previous versions allows malicious users to perform connection tests, connecting to attacker-specified or previously configured Active Directory servers using attacker-specified credenti...
Jenkins Active Directory
605
VMScore
CVE-2017-2649
It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks.
Jenkins Active Directory
NA
CVE-2023-37943
Jenkins Active Directory Plugin 2.30 and previous versions ignores the "Require TLS" and "StartTls" options and always performs the connection test to Active directory unencrypted, allowing attackers able to capture network traffic between the Jenkins controll...
Jenkins Active Directory
259
VMScore
CVE-2022-23105
Jenkins Active Directory Plugin 2.25 and previous versions does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.
Jenkins Active Directory
668
VMScore
CVE-2020-2299
Jenkins Active Directory Plugin 2.19 and previous versions allows malicious users to log in as any user if a magic constant is used as the password.
Jenkins Active Directory
668
VMScore
CVE-2020-2300
Jenkins Active Directory Plugin 2.19 and previous versions does not prohibit the use of an empty password in Windows/ADSI mode, which allows malicious users to log in to Jenkins as any user depending on the configuration of the Active Directory server.
Jenkins Active Directory
668
VMScore
CVE-2020-2301
Jenkins Active Directory Plugin 2.19 and previous versions allows malicious users to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode.
Jenkins Active Directory
356
VMScore
CVE-2020-2302
A missing permission check in Jenkins Active Directory Plugin 2.19 and previous versions allows attackers with Overall/Read permission to access the domain health check diagnostic page.
Jenkins Active Directory
1000
VMScore
CVE-2017-5689
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged netwo...
Intel Active Management Technology Firmware 6.1
Intel Active Management Technology Firmware 6.2
Intel Active Management Technology Firmware 10.0
Intel Active Management Technology Firmware 11.0
Intel Active Management Technology Firmware 6.0
Intel Active Management Technology Firmware 9.0
Intel Active Management Technology Firmware 9.1
Intel Active Management Technology Firmware 9.5
Intel Active Management Technology Firmware 7.0
Intel Active Management Technology Firmware 7.1
Intel Active Management Technology Firmware 11.5
Intel Active Management Technology Firmware 11.6
Intel Active Management Technology Firmware 8.0
Intel Active Management Technology Firmware 8.1
1 EDB exploit
2 Metasploit modules
1 Nmap script
36 Github repositories
3 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2024-5274
CVE-2020-17519
CVE-2024-35340
CVE-2021-47558
local
XML injection
CVE-2021-47519
CVE-2021-47543
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »