pkg:Maven/org.jenkins-ci.plugins:active-directory

9 total CVEsCRITICAL3HIGH2MEDIUM4

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-2300Improper Authentication (empty password) in Jenkins Active Directory Plugin
    >= 2.17, < 2.20
  • CRITICAL9.8CVE-2020-2301Authentication cache in Active Directory Jenkins Plugin allows logging in with any password
    >= 2.17, < 2.20
  • CRITICAL9.8CVE-2020-2299Improper Authentication in Jenkins Active Directory Plugin
    >= 2.17, < 2.20
  • HIGH8.1CVE-2017-2649Jenkins Active Directory Plugin did not verify certificate of AD server
    from 0, < 2.3
  • HIGH7.4CVE-2019-1003009Jenkins Active Directory Plugin Improper certificate validation with StartTLS
    from 0, < 2.11
  • MEDIUM5.9CVE-2023-37943Jenkins Active Directory Plugin vulnerable to Active Directory credential disclosure
    from 0, < 2.30.1
  • MEDIUM4.8CVE-2022-23105User passwords transmitted in plain text by Jenkins Active Directory Plugin
    from 0, < 2.25.1
  • MEDIUM4.3CVE-2020-2302Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page
    from 0, < 2.20
  • MEDIUM4.3CVE-2020-2303CSRF vulnerability in Jenkins Active Directory Plugin
    from 0, < 2.20