Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins reverse proxy auth vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and previous versions stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Jenkins Reverse Proxy Auth
2.1
CVSSv2
CVE-2018-1000150
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.
Jenkins Reverse Proxy Auth
NA
CVE-2023-32987
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and previous versions allows malicious users to connect to an attacker-specified LDAP server using attacker-specified credentials.
Jenkins Reverse Proxy Auth
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started