Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2023-41935

Jenkins Azure AD Plugin 396.v86ce29279947 and earlier, except 378.380.v545b_1154b_3fb_, uses a non-constant time comparison function when checking whether the provided and expected CSRF protection nonce are equal, potentially allowing attackers to use statistical methods to obtain a valid nonce.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.7%
CVSS Severity
CVSS v3 Score 7.5
Products affected by CVE-2023-41935
  • Jenkins » Azure Ad » Version: 0.1.1
    cpe:2.3:a:jenkins:azure_ad:0.1.1
  • Jenkins » Azure Ad » Version: 0.1.1-1
    cpe:2.3:a:jenkins:azure_ad:0.1.1-1
  • Jenkins » Azure Ad » Version: 0.2.0
    cpe:2.3:a:jenkins:azure_ad:0.2.0
  • Jenkins » Azure Ad » Version: 0.3.0
    cpe:2.3:a:jenkins:azure_ad:0.3.0
  • Jenkins » Azure Ad » Version: 0.3.1
    cpe:2.3:a:jenkins:azure_ad:0.3.1
  • Jenkins » Azure Ad » Version: 0.3.2
    cpe:2.3:a:jenkins:azure_ad:0.3.2
  • Jenkins » Azure Ad » Version: 0.3.3
    cpe:2.3:a:jenkins:azure_ad:0.3.3
  • Jenkins » Azure Ad » Version: 0.3.4
    cpe:2.3:a:jenkins:azure_ad:0.3.4
  • Jenkins » Azure Ad » Version: 1.0.0
    cpe:2.3:a:jenkins:azure_ad:1.0.0
  • Jenkins » Azure Ad » Version: 1.1.0
    cpe:2.3:a:jenkins:azure_ad:1.1.0
  • Jenkins » Azure Ad » Version: 1.1.1
    cpe:2.3:a:jenkins:azure_ad:1.1.1
  • Jenkins » Azure Ad » Version: 1.1.2
    cpe:2.3:a:jenkins:azure_ad:1.1.2
  • Jenkins » Azure Ad » Version: 1.2.0
    cpe:2.3:a:jenkins:azure_ad:1.2.0
  • Jenkins » Azure Ad » Version: 1.2.1
    cpe:2.3:a:jenkins:azure_ad:1.2.1
  • Jenkins » Azure Ad » Version: 1.2.2
    cpe:2.3:a:jenkins:azure_ad:1.2.2
  • Jenkins » Azure Ad » Version: 1.2.3
    cpe:2.3:a:jenkins:azure_ad:1.2.3
  • Jenkins » Azure Ad » Version: 146.vb688d1511c38
    cpe:2.3:a:jenkins:azure_ad:146.vb688d1511c38
  • Jenkins » Azure Ad » Version: 150.vb3db9f880321
    cpe:2.3:a:jenkins:azure_ad:150.vb3db9f880321
  • Jenkins » Azure Ad » Version: 152.v1609ed460604
    cpe:2.3:a:jenkins:azure_ad:152.v1609ed460604
  • Jenkins » Azure Ad » Version: 153.v7af57b288088
    cpe:2.3:a:jenkins:azure_ad:153.v7af57b288088
  • Jenkins » Azure Ad » Version: 154.v12e17a5f9ea3
    cpe:2.3:a:jenkins:azure_ad:154.v12e17a5f9ea3
  • Jenkins » Azure Ad » Version: 155.v745ce80af7ea
    cpe:2.3:a:jenkins:azure_ad:155.v745ce80af7ea
  • Jenkins » Azure Ad » Version: 157.v2d3d5782a602
    cpe:2.3:a:jenkins:azure_ad:157.v2d3d5782a602
  • Jenkins » Azure Ad » Version: 158.v437429002c6b
    cpe:2.3:a:jenkins:azure_ad:158.v437429002c6b
  • Jenkins » Azure Ad » Version: 164.v5b48baa961d2
    cpe:2.3:a:jenkins:azure_ad:164.v5b48baa961d2
  • Jenkins » Azure Ad » Version: 165.v36344b7d7ca7
    cpe:2.3:a:jenkins:azure_ad:165.v36344b7d7ca7
  • Jenkins » Azure Ad » Version: 167.v34c2c5a3a030
    cpe:2.3:a:jenkins:azure_ad:167.v34c2c5a3a030
  • Jenkins » Azure Ad » Version: 168.ve6e7e368dbf6
    cpe:2.3:a:jenkins:azure_ad:168.ve6e7e368dbf6
  • Jenkins » Azure Ad » Version: 170.v0a6219442a99
    cpe:2.3:a:jenkins:azure_ad:170.v0a6219442a99
  • Jenkins » Azure Ad » Version: 171.v9ef20c94d336
    cpe:2.3:a:jenkins:azure_ad:171.v9ef20c94d336
  • Jenkins » Azure Ad » Version: 172.vf6a517c3329a
    cpe:2.3:a:jenkins:azure_ad:172.vf6a517c3329a
  • Jenkins » Azure Ad » Version: 173.v0a210fffb510
    cpe:2.3:a:jenkins:azure_ad:173.v0a210fffb510
  • Jenkins » Azure Ad » Version: 174.vc2d906355813
    cpe:2.3:a:jenkins:azure_ad:174.vc2d906355813
  • Jenkins » Azure Ad » Version: 175.v5513346d764a
    cpe:2.3:a:jenkins:azure_ad:175.v5513346d764a
  • Jenkins » Azure Ad » Version: 177.v80b6c1591bf9
    cpe:2.3:a:jenkins:azure_ad:177.v80b6c1591bf9
  • Jenkins » Azure Ad » Version: 178.v7b93892fbe4c
    cpe:2.3:a:jenkins:azure_ad:178.v7b93892fbe4c
  • Jenkins » Azure Ad » Version: 179.vf6841393099e
    cpe:2.3:a:jenkins:azure_ad:179.vf6841393099e
  • Jenkins » Azure Ad » Version: 180.v8b1e80e6f242
    cpe:2.3:a:jenkins:azure_ad:180.v8b1e80e6f242
  • Jenkins » Azure Ad » Version: 183.vf8c6fa4c6567
    cpe:2.3:a:jenkins:azure_ad:183.vf8c6fa4c6567
  • Jenkins » Azure Ad » Version: 184.v44f04b65bdd5
    cpe:2.3:a:jenkins:azure_ad:184.v44f04b65bdd5
  • Jenkins » Azure Ad » Version: 185.v3b416408dcb1
    cpe:2.3:a:jenkins:azure_ad:185.v3b416408dcb1
  • Jenkins » Azure Ad » Version: 188.v2369adb95a31
    cpe:2.3:a:jenkins:azure_ad:188.v2369adb95a31
  • Jenkins » Azure Ad » Version: 189.v2da14dccdb43
    cpe:2.3:a:jenkins:azure_ad:189.v2da14dccdb43
  • Jenkins » Azure Ad » Version: 190.v872b1977148a
    cpe:2.3:a:jenkins:azure_ad:190.v872b1977148a
  • Jenkins » Azure Ad » Version: 191.vfc8019068670
    cpe:2.3:a:jenkins:azure_ad:191.vfc8019068670
  • Jenkins » Azure Ad » Version: 194.v70a6d5203ce4
    cpe:2.3:a:jenkins:azure_ad:194.v70a6d5203ce4
  • Jenkins » Azure Ad » Version: 195.v8555a0bf0d22
    cpe:2.3:a:jenkins:azure_ad:195.v8555a0bf0d22
  • Jenkins » Azure Ad » Version: 213.v5b_00db_295f49
    cpe:2.3:a:jenkins:azure_ad:213.v5b_00db_295f49
  • Jenkins » Azure Ad » Version: 218.v90f6a_980b_a_61
    cpe:2.3:a:jenkins:azure_ad:218.v90f6a_980b_a_61
  • Jenkins » Azure Ad » Version: 233.v934e074916c7
    cpe:2.3:a:jenkins:azure_ad:233.v934e074916c7
  • Jenkins » Azure Ad » Version: 234.vb_ece34ecd5ff
    cpe:2.3:a:jenkins:azure_ad:234.vb_ece34ecd5ff
  • Jenkins » Azure Ad » Version: 241.vb_e5cd7c35b_2e
    cpe:2.3:a:jenkins:azure_ad:241.vb_e5cd7c35b_2e
  • Jenkins » Azure Ad » Version: 267.v5b_dfb_514d9fd
    cpe:2.3:a:jenkins:azure_ad:267.v5b_dfb_514d9fd
  • Jenkins » Azure Ad » Version: 303.va_91ef20ee49f
    cpe:2.3:a:jenkins:azure_ad:303.va_91ef20ee49f
  • Jenkins » Azure Ad » Version: 306.va_7083923fd50
    cpe:2.3:a:jenkins:azure_ad:306.va_7083923fd50
  • Jenkins » Azure Ad » Version: 308.v10a_6e24f30b_4
    cpe:2.3:a:jenkins:azure_ad:308.v10a_6e24f30b_4
  • Jenkins » Azure Ad » Version: 313.v14b_f37ff114d
    cpe:2.3:a:jenkins:azure_ad:313.v14b_f37ff114d
  • Jenkins » Azure Ad » Version: 336.vd05b_01358644
    cpe:2.3:a:jenkins:azure_ad:336.vd05b_01358644
  • Jenkins » Azure Ad » Version: 340.vdef002cf6415
    cpe:2.3:a:jenkins:azure_ad:340.vdef002cf6415
  • Jenkins » Azure Ad » Version: 345.vdb_07735a_767d
    cpe:2.3:a:jenkins:azure_ad:345.vdb_07735a_767d
  • Jenkins » Azure Ad » Version: 348.vefd011eea_20b
    cpe:2.3:a:jenkins:azure_ad:348.vefd011eea_20b
  • Jenkins » Azure Ad » Version: 378.vd6e2874a_69eb
    cpe:2.3:a:jenkins:azure_ad:378.vd6e2874a_69eb
  • Jenkins » Azure Ad » Version: 385.v5d9f88612dd2
    cpe:2.3:a:jenkins:azure_ad:385.v5d9f88612dd2
  • Jenkins » Azure Ad » Version: 391.v252da_e1dd39c
    cpe:2.3:a:jenkins:azure_ad:391.v252da_e1dd39c
  • Jenkins » Azure Ad » Version: 392.v4e15d33fe85d
    cpe:2.3:a:jenkins:azure_ad:392.v4e15d33fe85d
  • Jenkins » Azure Ad » Version: 393.v03d1cfd50759
    cpe:2.3:a:jenkins:azure_ad:393.v03d1cfd50759
  • Jenkins » Azure Ad » Version: 396.v86ce29279947
    cpe:2.3:a:jenkins:azure_ad:396.v86ce29279947


Products
Pricing
Contact Us

Shodan ® - All rights reserved