{"vulnerability": "CVE-2025-24399", "sightings": [{"uuid": "b5c023f9-0a45-4cd1-b9e4-701796fe0836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://t.me/cvedetector/16130", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24399 - Jenkins OpenId Connect Authentication Plugin Case Insensitive Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24399 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that differs only in letter case, potentially gaining administrator access to Jenkins. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:35.000000Z"}, {"uuid": "6812b2c3-f0cb-4f67-97ce-a9257f63c5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113878454523039903", "content": "", "creation_timestamp": "2025-01-23T15:48:51.410688Z"}, {"uuid": "ba8b0e47-fee5-4595-ab1f-a34723b3821f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdums65sx2f", "content": "", "creation_timestamp": "2025-01-22T17:15:56.905719Z"}, {"uuid": "a3966fdd-3fc1-4471-9345-64af24cafb4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113873287621870613", "content": "", "creation_timestamp": "2025-01-22T17:54:36.375498Z"}, {"uuid": "a8a8599f-6fb4-46c9-8e02-cb35f2b6ed88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j6ydpu2u", "content": "", "creation_timestamp": "2025-01-22T19:55:04.861824Z"}, {"uuid": "c27a909d-68c5-4747-ac08-2450055faf8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-24399", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2739", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-24399\n\ud83d\udd39 Description: Jenkins OpenId Connect Authentication Plugin 4.452.v2849b_d3945fa_ and earlier, except 4.438.440.v3f5f201de5dc, treats usernames as case-insensitive, allowing attackers on Jenkins instances configured with a case-sensitive OpenID Connect provider to log in as any user by providing a username that differs only in letter case, potentially gaining administrator access to Jenkins.\n\ud83d\udccf Published: 2025-01-22T17:02:52.963Z\n\ud83d\udccf Modified: 2025-01-23T14:46:01.034Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3461", "creation_timestamp": "2025-01-23T15:03:01.000000Z"}]}