-
CVSS Score
-Basic Information
CVE ID
-
GHSA ID
-
EPSS Score
-
CWE
-
Published
-
Updated
-
KEV Status
-
Technology
-
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability stems from the ActiveDirectoryStatus class handling the domain health check endpoint without proper authorization. In versions ≤2.19, the class did not implement StaplerProxy or override getRequiredPermission(), allowing access with Overall/Read permissions. The fix in 2.20 added getTarget() (to enforce permission checks via checkPermission()) and getRequiredPermission() (to require ADMINISTER), which were missing in vulnerable versions. The class itself acts as the entry point for the insecure endpoint, making it the core vulnerable component.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:active-directory | maven | < 2.20 | 2.20 |
JavaJavaOngoing coverage of React2Shell