Known Vulnerabilities for Active Directory by Jenkins
Listed below are 8 of the newest known vulnerabilities associated with "Active Directory" by "Jenkins".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33665 | n8n is an open source workflow automation platform. Prior to versions 2.4.0 and 1.121.0, when LDAP authentication is enabled,... | Not Provided | 2026-03-25 | 2026-03-27 |
| CVE-2022-23105 | Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and... | 6.5 - MEDIUM | 2022-01-12 | 2023-11-15 |
| CVE-2020-2303 | A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier allows attackers to per... | 4.3 - MEDIUM | 2020-11-04 | 2023-11-03 |
| CVE-2020-2302 | A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission ... | 4.3 - MEDIUM | 2020-11-04 | 2023-10-25 |
| CVE-2020-2301 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful ... | 9.8 - CRITICAL | 2020-11-04 | 2023-10-25 |
| CVE-2020-2300 | Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which a... | 9.8 - CRITICAL | 2020-11-04 | 2023-10-25 |
| CVE-2020-2299 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the pa... | 9.8 - CRITICAL | 2020-11-04 | 2023-10-25 |
| CVE-2019-1003009 | An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/... | 7.4 - HIGH | 2019-02-06 | 2023-10-25 |
| CVE-2017-2649 | It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the ... | 8.1 - HIGH | 2018-07-27 | 2019-10-09 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Jenkins | Active Directory | 2.9 | All | All | All |
| Application | Jenkins | Active Directory | 2.8 | All | All | All |
| Application | Jenkins | Active Directory | 2.7 | All | All | All |
| Application | Jenkins | Active Directory | 2.6 | All | All | All |
| Application | Jenkins | Active Directory | 2.5 | All | All | All |
| Application | Jenkins | Active Directory | 2.4 | All | All | All |
| Application | Jenkins | Active Directory | 2.3 | All | All | All |
| Application | Jenkins | Active Directory | 2.2 | All | All | All |
| Application | Jenkins | Active Directory | 2.19 | All | All | All |
| Application | Jenkins | Active Directory | 2.13 | All | All | All |
| Application | Jenkins | Active Directory | 2.12 | All | All | All |
| Application | Jenkins | Active Directory | 2.11 | All | All | All |
| Application | Jenkins | Active Directory | 2.10 | All | All | All |
| Application | Jenkins | Active Directory | 2.1 | All | All | All |
| Application | Jenkins | Active Directory | 2.0 | All | All | All |
| Application | Jenkins | Active Directory | 1.9 | All | All | All |
| Application | Jenkins | Active Directory | 1.8 | All | All | All |
| Application | Jenkins | Active Directory | 1.7 | All | All | All |
| Application | Jenkins | Active Directory | 1.6 | All | All | All |
| Application | Jenkins | Active Directory | 1.5 | All | All | All |