Описание
User passwords transmitted in plain text by Jenkins Active Directory Plugin
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.
Пакеты
Наименование
org.jenkins-ci.plugins:active-directory
maven
Затронутые версииВерсия исправления
< 2.25.1
2.25.1
Связанные уязвимости
CVSS3: 6.5
nvd
около 4 лет назад
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.