Unencrypted Transmission of Data in Jenkins Active Directory Plugin
CVE-2022-23105 · MEDIUM Severity
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Jenkins Active Directory Plugin 2.25 and earlier does not encrypt the transmission of data between the Jenkins controller and Active Directory servers in most configurations.
Learn more about our Cis Benchmark Audit For Server Software.