CVE-2019-1003009

An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java, src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java that allows attackers to impersonate the Active Directory server Jenkins connects to for authentication if Jenkins is configured to use StartTLS.

CVSS v3 7.4 HIGH
CVSS v2.0 5.8 MEDIUM

7.4^/10

CVSS v3 : HIGH

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Exploitability : 2.2 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

5.8^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:N

Exploitability : 8.6 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
https://jenkins.io/security/advisory/2019-01-28/#SECURITY-859	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:active_directory:*:*:*:*:*:jenkins:*:*

History

No history.

Information

Published : 2019-02-06 16:29

Updated : 2023-12-10 12:44

NVD link : CVE-2019-1003009

Mitre link : CVE-2019-1003009

CVE.ORG link : CVE-2019-1003009

JSON object : View

Products Affected

jenkins

active_directory

CWE

CWE-295

Improper Certificate Validation

{"id": "CVE-2019-1003009", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.8, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.4, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.2}]}, "published": "2019-02-06T16:29:00.530", "references": [{"url": "https://jenkins.io/security/advisory/2019-01-28/#SECURITY-859", "tags": ["Vendor Advisory"], "source": "jenkinsci-cert@googlegroups.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-295"}]}], "descriptions": [{"lang": "en", "value": "An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java, src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java that allows attackers to impersonate the Active Directory server Jenkins connects to for authentication if Jenkins is configured to use StartTLS."}, {"lang": "es", "value": "Existe una vulnerabilidad de validaci\u00f3n incorrecta de certificados en Jenkins Active Directory Plugin, en versiones 2.10 y anteriores, en src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java y src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java que permite que los atacantes suplanten el servidor Active Directory al que se conecta Jenkins para autenticarse si Jenkins est\u00e1 configurado para emplear StartTLS."}], "lastModified": "2023-10-25T18:16:01.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:active_directory:*:*:*:*:*:jenkins:*:*", "vulnerable": true, "matchCriteriaId": "C13BBD41-0FF2-4BDD-A079-5ED3310206F7", "versionEndIncluding": "2.10"}], "operator": "OR"}]}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com"}