Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
jenkins reverse proxy auth vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-32987
A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and previous versions allows malicious users to connect to an attacker-specified LDAP server using attacker-specified credentials.
Jenkins Reverse Proxy Auth
6.5
CVSSv3
CVE-2022-45384
Jenkins Reverse Proxy Auth Plugin 1.7.3 and previous versions stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.
Jenkins Reverse Proxy Auth
3.3
CVSSv3
CVE-2018-1000150
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.
Jenkins Reverse Proxy Auth
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started