Medium severity 5.9 · NVD Advisory · Published Jun 26, 2018 · Updated Jun 17, 2026
CVE-2018-1000602
Description
A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.jenkins-ci.plugins:saml (Maven) | < 1.0.7 | 1.0.7 |
References
- github.com/advisories/GHSA-4pjx-86pg-x4j5 (ghsa, ADVISORY)
- jenkins.io/security/advisory/2018-06-25/ (nvd, Vendor Advisory, WEB)
- nvd.nist.gov/vuln/detail/CVE-2018-1000602 (ghsa, ADVISORY)
- github.com/jenkinsci/saml-plugin/commit/fd95d576bda64b278071428c7fbee03c02f843c0 (ghsa, WEB)