CVE-2022-23105

Summary

Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.

Affected Software

VendorProductVersion RangeStatus
Jenkins projectJenkins Active Directory Pluginunspecified <= 2.25affected
Jenkins projectJenkins Active Directory Plugin2.23.1unaffected
Jenkins projectJenkins Active Directory Plugin2.24.1unaffected

Weaknesses

ADP Enrichment

CVE Program Container

Additional References

References