CVE-2020-2299

CVSS v3.1 9.8 (Critical)

CVSS v2.0 7.5 (High)

EPSS 0.24 % (65^th)

Affected Products 1

Advisories 2

Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password.

		CPE23	From	Up To
	Jenkins Active Directory for Jenkins 2.19 and prior versions	cpe:2.3:a:jenkins:active_directory::::::jenkins		<= 2.19