Severity
High
Analysis Summary
CVE-2023-24426
Jenkins Azure AD Plugin could allow a remote attacker to bypass security restrictions because it does not invalidate the existing session on login. By using social engineering techniques, an attacker could exploit this vulnerability to gain administrator access to Jenkins.
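The root cause named above, a login that leaves the pre-login session in place, is modeled here in Python as an added example; it is not code from the Azure AD Plugin or from Jenkins. `SessionStore`, both login functions and the `return_to` attribute are hypothetical names, and the last function is a regression check that fails for the flawed pattern and passes once the session is rotated at login.

```python
import secrets


class SessionStore:
    """In-memory stand-in for a web container's session table (constructed model)."""

    def __init__(self):
        self._sessions = {}  # session id -> attribute dict

    def create(self, **attrs):
        sid = secrets.token_hex(16)  # unpredictable identifier
        self._sessions[sid] = dict(attrs)
        return sid

    def invalidate(self, sid):
        return self._sessions.pop(sid, {})  # returns the old attributes

    def get(self, sid, key):
        return self._sessions.get(sid, {}).get(key)

    def set(self, sid, key, value):
        self._sessions[sid][key] = value


def login_keeps_session(store, sid, user):
    """Flawed pattern: the pre-login session id is reused after authentication."""
    store.set(sid, "user", user)
    return sid


def login_rotates_session(store, sid, user, carry=("return_to",)):
    """Hardened pattern: invalidate the old session, then issue a fresh id."""
    old = store.invalidate(sid)
    # Carry over only allow-listed, non-sensitive attributes (hypothetical key).
    kept = {k: old[k] for k in carry if k in old}
    new_sid = store.create(**kept)
    store.set(new_sid, "user", user)
    return new_sid


def pre_login_id_survives(login):
    """Regression check: is an id issued before login still bound to the user after it?"""
    store = SessionStore()
    pre_login_sid = store.create(return_to="/job/build")
    login(store, pre_login_sid, "admin")
    return store.get(pre_login_sid, "user") == "admin"
```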
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-24426
Affected Vendors
Jenkins
Affected Products
- Jenkins Azure AD Plugin 303.va_91ef20ee49f
Remediation
Refer to the Jenkins Security Advisory for patch, upgrade, or suggested workaround information.