Security Advisory

CVE-2023-40343

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-08-16 14:32:53

Last updated 2024-10-08 18:30:49

Assigner jenkins

State PUBLISHED

Description

Jenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.

← Browse all CVEs View on cve.org ↗