Jenkins - Azure Ad CVE

Filtered by vendor Jenkins Subscribe

Filtered by product Azure Ad

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-21679	1 Jenkins	1 Azure Ad	2023-11-22	6.8 MEDIUM	8.8 HIGH
Jenkins Azure AD Plugin 179.vf6841393099e and earlier allows attackers to craft URLs that would bypass the CSRF protection of any target URL in Jenkins.
CVE-2019-10318	1 Jenkins	1 Azure Ad	2020-10-02	4.0 MEDIUM	8.8 HIGH
Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system.

Vulnerabilities (CVE)