Multiple vulnerabilities in Jenkins OpenId Connect Authentication plugin
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2023-50770 CVE-2023-50771 |
| CWE-ID | CWE-257 CWE-601 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software |
OpenId Connect Authentication Web applications / Modules and components for CMS |
| Vendor | Jenkins |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Storing passwords in a recoverable format
EUVDB-ID: #VU84455
Risk: Low
CVSSv3.1: 6 [CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-50770
CWE-ID:
CWE-257 - Storing Passwords in a Recoverable Format
Exploit availability: No
DescriptionThe vulnerability allows a local user to compromise the target system.
The vulnerability exists due to the affected plugin stores a password of a local user account used as an anti-lockout feature in a recoverable format. A local administrator can recover the plain text password of that account.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsOpenId Connect Authentication: 1.0 - 2.6
CPE2.3- cpe:2.3:a:jenkins:openid_connect_authentication:1.0:*:*:*:*:*:*:
- cpe:2.3:a:jenkins:openid_connect_authentication:1.1:*:*:*:*:*:*:
- cpe:2.3:a:jenkins:openid_connect_authentication:1.2:*:*:*:*:*:*:
http://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3168
http://www.openwall.com/lists/oss-security/2023/12/13/4
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Open redirect
EUVDB-ID: #VU84456
Risk: Low
CVSSv3.1: 4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-50771
CWE-ID:
CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to redirect victims to arbitrary URL.
The vulnerability exists due to improper sanitization of user-supplied data. A remote attacker can create a link that leads to a trusted website, however, when clicked, redirects the victim to arbitrary domain.
Successful exploitation of this vulnerability may allow a remote attacker to perform a phishing attack and steal potentially sensitive information.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsOpenId Connect Authentication: 1.0 - 2.6
CPE2.3- cpe:2.3:a:jenkins:openid_connect_authentication:1.0:*:*:*:*:*:*:
- cpe:2.3:a:jenkins:openid_connect_authentication:1.1:*:*:*:*:*:*:
- cpe:2.3:a:jenkins:openid_connect_authentication:1.2:*:*:*:*:*:*:
http://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-2979
http://www.openwall.com/lists/oss-security/2023/12/13/4
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
