Description
Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.
Remediation
References
https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)
Related Vulnerabilities
CVE-2019-11777 Vulnerability in maven package org.eclipse.paho:org.eclipse.paho.client.mqttv3
CVE-2017-1000092 Vulnerability in maven package org.jenkins-ci.plugins:git
CVE-2022-45143 Vulnerability in maven package org.apache.tomcat:tomcat-catalina
CVE-2022-36096 Vulnerability in maven package org.xwiki.platform:xwiki-platform-index-ui
CVE-2023-49656 Vulnerability in maven package org.jenkins-ci.plugins:matlab