{
  "id": "CVE-2024-47806",
  "details": "Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins.",
  "aliases": ["GHSA-49hx-9mm2-7675"],
  "modified": "2026-04-12T09:38:28.655918Z",
  "published": "2024-10-02T16:15:10.807Z",
  "references": [
    {"type": "ADVISORY", "url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3441%20(1)"}
  ],
  "affected": [
    {
      "ranges": [
        {
          "type": "GIT",
          "repo": "https://github.com/jenkinsci/oic-auth-plugin",
          "events": [{"introduced": "0"}, {"fixed": "3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4"}],
          "database_specific": {"versions": [{"introduced": "0"}, {"fixed": "4.355.v3a_fb_fca_b_96d4"}]}
        }
      ],
      "versions": ["4.223.v503b_9a_75a_8a_f", "4.224.v62720cfa_026e", "4.225.v03326773b_44b_", "4.227.v36610663f760", "4.228.v0c3e8682ff1f", "4.229.vf736b_fec02f4", "4.236.v4124503b_a_f88", "4.238.v0021f710b_b_f4", "4.239.v325750a_96f3b_", "4.250.v5a_d993226437", "4.257.v5360e8489e8b_", "4.269.va_7526f34f306", "4.279.vca_c1e2fdd24b_", "4.284.v0cc21de03d37", "4.290.v6f5e8da_e98b_2", "4.297.vcddb_d8a_e4694", "4.299.v5ca_eb_6a_f3e6d", "4.303.v84089a_708ea_7", "4.320.v23537cb_a_b_5c6", "4.324.vfd49d010926b_", "4.329.v994d3f265d68", "4.330.v6fdfc07513e3", "4.331.vd925b_f76f3a_c", "4.340.ve70636c6590e", "4.346.v10401f543622", "4.350.v347c3b_8b_9d95", "4.354.v321ce67a_1de8", "next", "oic-auth-1.0", "oic-auth-1.1", "oic-auth-1.2", "oic-auth-1.3", "oic-auth-1.4", "oic-auth-1.5", "oic-auth-1.6", "oic-auth-1.7", "oic-auth-1.8", "oic-auth-2.0", "oic-auth-2.1", "oic-auth-2.2", "oic-auth-2.3", "oic-auth-2.4", "oic-auth-2.5", "oic-auth-2.6", "oic-auth-3.0"],
      "database_specific": {
        "source": "https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-47806.json",
        "vanir_signatures": [
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicServerConfiguration.java"}, "id": "CVE-2024-47806-2ad7d07a", "digest": {"threshold": 0.9, "line_hashes": ["256061485659523066401596643294046984630", "257765814964660403838855411271271325177"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/WellKnownOpenIDConfigurationResponse.java", "function": "equals"}, "id": "CVE-2024-47806-301cbb16", "digest": {"length": 809, "function_hash": "297498098011953112482366324272113104330"}, "signature_version": "v1", "signature_type": "Function"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicServerWellKnownConfiguration.java", "function": "loadWellKnownConfigIfNeeded"}, "id": "CVE-2024-47806-35ea554b", "digest": {"length": 1661, "function_hash": "105711094136723771885761544430544272451"}, "signature_version": "v1", "signature_type": "Function"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicServerWellKnownConfiguration.java"}, "id": "CVE-2024-47806-9460a366", "digest": {"threshold": 0.9, "line_hashes": ["67570701970673608222212844732681600451", "30612755203717281182159335229943959434", "114019359486688298880153102542411198389", "256774372589463568930272565918548697022", "258424108051625856895541237240023441891", "129403820850832066605691314560905879004", "52110133900857583825608322889202922637", "165752251003513091999206391306430097875", "323234670084021938229962994968830984749", "321111043166444278663051489956238951823", "188487400518828833647667787539964226223"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java", "function": "getJwksVerifier"}, "id": "CVE-2024-47806-9806d01c", "digest": {"length": 309, "function_hash": "157054352151428089053289239904853867913"}, "signature_version": "v1", "signature_type": "Function"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/test/java/org/jenkinsci/plugins/oic/WellKnownOpenIDConfigurationResponseTest.java"}, "id": "CVE-2024-47806-af875a30", "digest": {"threshold": 0.9, "line_hashes": ["279698833750425947525703948078816992325", "147284918173078535919043697079553043792", "87602677173282422063083264925096666912", "46920224649904095199730423177845040592"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicSecurityRealm.java"}, "id": "CVE-2024-47806-b0e95e23", "digest": {"threshold": 0.9, "line_hashes": ["236303537022941432981206460697615198502", "125685445912520819358114642204510569008", "330504828146206084045210557581460035864", "204756633887330422922250312643824196", "25293201397160549320815512994875071867", "325893275459471017740147229425900338919", "301624969112684589726612293273225264003", "50247501791641186898586728932156551865", "328647082816628523511796785449251278014"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/WellKnownOpenIDConfigurationResponse.java", "function": "hashCode"}, "id": "CVE-2024-47806-b882f343", "digest": {"length": 197, "function_hash": "29952804587327918496339983918505878907"}, "signature_version": "v1", "signature_type": "Function"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/test/java/org/jenkinsci/plugins/oic/TestRealm.java", "function": "buildServerConfiguration"}, "id": "CVE-2024-47806-c0fa9cc0", "digest": {"length": 527, "function_hash": "273304665140457197766800190702400505760"}, "signature_version": "v1", "signature_type": "Function"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/OicServerManualConfiguration.java"}, "id": "CVE-2024-47806-c949f790", "digest": {"threshold": 0.9, "line_hashes": ["201050064178905129074476714339681648955", "330043524979038160282925669579808564669", "110147692349848981539286867246792452317", "112444827900497748135072156335289918115", "86785129386990880817417334251433945543", "39086526194484634361430461927233038131", "11707601743025545273483820174494878323", "58596175917088299940106171201693575945", "148242724711789298394863091197540224515", "25140028688739185774895957073348261127", "325019186459557169542389460003072534112", "194958183224686336252502095722104702526", "322973512217322830364665836636311737454"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/test/java/org/jenkinsci/plugins/oic/TestRealm.java"}, "id": "CVE-2024-47806-c97cf77b", "digest": {"threshold": 0.9, "line_hashes": ["23002094923523951222699773488249996349", "130091578209867618092953323736021423943", "213208352082872479970700727763949398232", "126346310258006946231055082506112523640", "127579992634920259233379944650714847386", "71421886310570502731742658067654327527", "171157213275264433344269730767435624497", "232672106298324254311697113265486465972", "321760777197653370612088198091554850567", "37159195187649693002430935745873365941", "202172740987343283882852579855369900135"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/test/java/org/jenkinsci/plugins/oic/PluginTest.java"}, "id": "CVE-2024-47806-d7ebd35a", "digest": {"threshold": 0.9, "line_hashes": ["161317197119904493957361558825244779884", "63369114150939990389630907483136381152", "295649076160362864058949356817687832287", "304898149437379446666749828901317430201", "232702553952152118909275985523207818869", "217170765236630448057097666318424834662", "301019854247239615514928015183879433660"]}, "signature_version": "v1", "signature_type": "Line"},
          {"source": "https://github.com/jenkinsci/oic-auth-plugin/commit/3afbfcab96d4d3841e0e24b57f4ad5e7ee3013e4", "deprecated": false, "target": {"file": "src/main/java/org/jenkinsci/plugins/oic/WellKnownOpenIDConfigurationResponse.java"}, "id": "CVE-2024-47806-e8f9209e", "digest": {"threshold": 0.9, "line_hashes": ["111517117560259178425056293319653484063", "264027140702633219871725454386870732972", "113478281016836838414648830953493031023", "167795531525830302529803066793750666857", "188748458584022324723966213549833092579", "226042909789617629791837132891906519673", "149768938167854899418931047981316298609", "270142601276665064689079019402276037379", "94010402263607502880783746979546887009", "120422323437846852563766962965370014365", "71697386865457945564738575538365628257", "52366640225766735144145357928405877191", "287827912097121876302756846823550023624", "186721033519600290962218188544736055489"]}, "signature_version": "v1", "signature_type": "Line"}
        ],
        "vanir_signatures_modified": "2026-04-12T09:38:28Z"
      }
    }
  ],
  "schema_version": "1.7.5",
  "severity": [
    {"type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}
  ]
}