Vulnerability Details CVE-2024-47806
Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.0%
CVSS Severity
CVSS v3 Score 8.1
Products affected by CVE-2024-47806
-
cpe:2.3:a:jenkins:openid_connect_authentication:-
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.0
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.1
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.2
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.3
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.4
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.5
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.6
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.7
-
cpe:2.3:a:jenkins:openid_connect_authentication:1.8
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.0.0
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.1
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.2
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.3
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.4
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.5
-
cpe:2.3:a:jenkins:openid_connect_authentication:2.6
-
cpe:2.3:a:jenkins:openid_connect_authentication:3.0
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.223.v503b_9a_75a_8a_f
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.224.v62720cfa_026e
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.225.v03326773b_44b
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.227.v36610663f760
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.228.v0c3e8682ff1f
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.229.vf736b_fec02f4
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.236.v4124503b_a_f88
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.238.v0021f710b_b_f4
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.239.v325750a_96f3b
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.250.v5a_d993226437
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.257.v5360e8489e8b
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.269.va_7526f34f306
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.279.vca_c1e2fdd24b
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.284.v0cc21de03d37
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.290.v6f5e8da_e98b_2
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.297.vcddb_d8a_e4694
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.299.v5ca_eb_6a_f3e6d
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.303.v84089a_708ea_7
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.320.v23537cb_a_b_5c6
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.324.vfd49d010926b
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.329.v994d3f265d68
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.330.v6fdfc07513e3
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.331.vd925b_f76f3a_c
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.340.ve70636c6590e
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.346.v10401f543622
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.350.v347c3b_8b_9d95
-
cpe:2.3:a:jenkins:openid_connect_authentication:4.354.v321ce67a_1de8