Openid Connect Authentication Plugin 漏洞

时间轴

版本

2.03
2.13
2.23
2.33
2.43

修正

Official Fix0
Temporary Fix0
Workaround0
Unavailable0
Not Defined4

易受攻击性

High0
Functional0
Proof-of-Concept0
Unproven0
Not Defined4

访问向量

Not Defined0
Physical0
Local1
Adjacent0
Network3

身份验证

Not Defined0
High0
Low1
None3

用户交互

Not Defined0
Required2
None2

C3BM Index

去年

CVSSv3 Base

≤10
≤20
≤30
≤40
≤52
≤61
≤71
≤80
≤90
≤100

CVSSv3 Temp

≤10
≤20
≤30
≤40
≤52
≤61
≤71
≤80
≤90
≤100

VulDB

≤10
≤20
≤30
≤42
≤52
≤60
≤70
≤80
≤90
≤100

NVD

≤10
≤20
≤30
≤40
≤51
≤60
≤72
≤80
≤91
≤100

CNA

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

供应商

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

Research

≤10
≤20
≤30
≤40
≤50
≤60
≤70
≤80
≤90
≤100

零日攻击

<1k1
<2k3
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

本日攻击

<1k3
<2k1
<5k0
<10k0
<25k0
<50k0
<100k0
≥100k0

攻击市场容量

去年

🔴 CTI 活动

Affected Versions (12): 1.0, 1.1, 1.2, 1.3, 1.4, 2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6

软件类型: Jenkins Plugin

已发布BaseTemp漏洞0day今天修正CTICVE
2023-12-145.05.0OpenId Connect Authentication Plugin Controller File System 信息公开$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2023-50770
2023-12-135.25.2OpenId Connect Authentication Plugin Redirect$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2023-50771
2023-01-276.26.2OpenId Connect Authentication Plugin 弱身份验证$0-$5k$0-$5kNot DefinedNot Defined0.04CVE-2023-24424
2019-02-064.34.3OpenId Connect Authentication Plugin config.jelly 信息公开$0-$5k$0-$5kNot DefinedNot Defined0.00CVE-2019-1003021

上一步一览下一步

Do you need the next level of professionalism?

Upgrade your account now!