{"vulnerability": "cve-2023-3299", "sightings": [{"uuid": "75755b6a-12df-4e7c-85e0-ab7e47e9b4cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32998", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32998\n\ud83d\udd39 Description: A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.\n\ud83d\udccf Published: 2023-05-16T16:00:16.022Z\n\ud83d\udccf Modified: 2025-01-23T15:56:22.413Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3121", "creation_timestamp": "2025-01-23T16:02:51.000000Z"}, {"uuid": "5e619a9c-2937-4d9b-9a4e-353f227ad453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32994", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2742", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32994\n\ud83d\udd39 Description: Jenkins SAML Single Sign On(SSO) Plugin 2.1.0 and earlier unconditionally disables SSL/TLS certificate validation for connections to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.\n\ud83d\udccf Published: 2023-05-16T16:00:13.193Z\n\ud83d\udccf Modified: 2025-01-23T15:59:18.219Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(2)", "creation_timestamp": "2025-01-23T16:02:43.000000Z"}, {"uuid": "7344d5b0-9d17-4799-9e04-f5c38a2dda10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32999", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32999\n\ud83d\udd39 Description: A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.\n\ud83d\udccf Published: 2023-05-16T16:00:16.703Z\n\ud83d\udccf Modified: 2025-01-23T15:54:45.686Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3121", "creation_timestamp": "2025-01-23T16:02:53.000000Z"}, {"uuid": "5df6d2ac-6f7b-4b3a-aee8-b67988b3c8a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32995", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2802", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32995\n\ud83d\udd39 Description: A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.\n\ud83d\udccf Published: 2023-05-16T16:00:13.896Z\n\ud83d\udccf Modified: 2025-01-23T19:57:01.610Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2994", "creation_timestamp": "2025-01-23T20:03:18.000000Z"}, {"uuid": "f4e6eeda-10d6-4d8c-b939-2d626992394a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32993", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2801", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32993\n\ud83d\udd39 Description: Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.\n\ud83d\udccf Published: 2023-05-16T16:00:12.489Z\n\ud83d\udccf Modified: 2025-01-23T20:00:37.668Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3001%20(1)", "creation_timestamp": "2025-01-23T20:03:18.000000Z"}, {"uuid": "75e08878-2e39-4f09-8ecd-5642d5769cea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32996", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2805", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32996\n\ud83d\udd39 Description: A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.\n\ud83d\udccf Published: 2023-05-16T16:00:14.596Z\n\ud83d\udccf Modified: 2025-01-23T19:53:31.647Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-2994", "creation_timestamp": "2025-01-23T20:03:21.000000Z"}, {"uuid": "9eba33dd-d5ce-4271-98b8-72cc40dc0c05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32998", "type": "seen", "source": "https://t.me/arpsyndicate/2373", "content": "#ExploitObserverAlert\n\nCVE-2023-32998\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-32998. A cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.\n\nFIRST-EPSS: 0.000580000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T22:45:39.000000Z"}, {"uuid": "3dd7641f-e7d1-4391-af90-f0dab7928d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32992", "type": "seen", "source": "https://t.me/cibsecurity/64237", "content": "\u203c CVE-2023-32992 \u203c\n\nMissing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T20:30:51.000000Z"}, {"uuid": "3e15f592-a597-4976-ae40-3784c39fe520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32999", "type": "seen", "source": "https://t.me/cibsecurity/64233", "content": "\u203c CVE-2023-32999 \u203c\n\nA missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified username and password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T20:30:47.000000Z"}, {"uuid": "28881bc3-3d16-44ed-bfd6-a124b4de9674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32993", "type": "seen", "source": "https://t.me/cibsecurity/64232", "content": "\u203c CVE-2023-32993 \u203c\n\nJenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier does not perform hostname validation when connecting to miniOrange or the configured IdP to retrieve SAML metadata, which could be abused using a man-in-the-middle attack to intercept these connections.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T20:30:46.000000Z"}, {"uuid": "2e7f7f0c-352d-4e22-b4bd-2bc34afc8f5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32996", "type": "seen", "source": "https://t.me/cibsecurity/64231", "content": "\u203c CVE-2023-32996 \u203c\n\nA missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T20:30:45.000000Z"}, {"uuid": "d9f8f0b4-cae6-40ef-9849-435545399dc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32998", "type": "seen", "source": "https://t.me/cibsecurity/64226", "content": "\u203c CVE-2023-32998 \u203c\n\nA cross-site request forgery (CSRF) vulnerability in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-16T20:30:40.000000Z"}, {"uuid": "8590eec6-706d-4324-b7d4-7fc87368b06f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32991", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8738", "content": "#exploit\n1. CVE-2023-35086:\nASUS RT-AX56U V2 / RT-AC86U httpd DoS\nhttps://github.com/tin-z/CVE-2023-35086-POC\n\n2. CVE-2023-32991, CVE-2023-32992:\nSSRF in miniorange-saml-sp-plugin\nhttps://securitylab.github.com/advisories/GHSL-2023-074_SAML_Single_Sign_On__SSO__Jenkins_plugin\n\n3. CVE-2023-33802:\nSumatraPDF 3.4.6 - DoS\nhttps://github.com/CDACesec/CVE-2023-33802", "creation_timestamp": "2023-07-26T13:23:32.000000Z"}, {"uuid": "77d47cb6-35e0-4346-9e05-a425c38285d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32992", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8738", "content": "#exploit\n1. CVE-2023-35086:\nASUS RT-AX56U V2 / RT-AC86U httpd DoS\nhttps://github.com/tin-z/CVE-2023-35086-POC\n\n2. CVE-2023-32991, CVE-2023-32992:\nSSRF in miniorange-saml-sp-plugin\nhttps://securitylab.github.com/advisories/GHSL-2023-074_SAML_Single_Sign_On__SSO__Jenkins_plugin\n\n3. CVE-2023-33802:\nSumatraPDF 3.4.6 - DoS\nhttps://github.com/CDACesec/CVE-2023-33802", "creation_timestamp": "2023-07-26T13:23:32.000000Z"}, {"uuid": "ad4d756c-c89e-4bcb-ab2a-a6b37fd438f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-32997", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2746", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32997\n\ud83d\udd39 Description: Jenkins CAS Plugin 1.6.2 and earlier does not invalidate the previous session on login.\n\ud83d\udccf Published: 2023-05-16T16:00:15.315Z\n\ud83d\udccf Modified: 2025-01-23T15:57:28.000Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3000", "creation_timestamp": "2025-01-23T16:02:49.000000Z"}]}