cnvd - cnvd-2019-23824

CNVD-2019-23824

Vulnerability from cnvd - Published: 2019-07-22

Title

CloudBees Jenkins SonarQube Scanner Plugin身份验证漏洞

Description

CloudBees Jenkins（前称Hudson Labs）是美国CloudBees公司的一套基于Java开发的持续集成工具，它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。SonarQube Scanner Plugin是使用在其中的一个用于扫描代码并检查代码质量的插件。 CloudBees Jenkins SonarQube Scanner Plugin 2.8及之前版本中的SonarInstallation.java文件存在身份验证漏洞，该漏洞源于SonarQube Scanner Plugin以明文形式存储服务器身份验证令牌。攻击者可利用该漏洞获取用于连接SonarQube的凭证。

Severity

低

Patch Name

CloudBees Jenkins SonarQube Scanner Plugin存在未明漏洞的补丁

Patch Description

CloudBees Jenkins（前称Hudson Labs）是美国CloudBees公司的一套基于Java开发的持续集成工具，它主要用于监控持续的软件版本发布/测试项目和一些定时执行的任务。SonarQube Scanner Plugin是使用在其中的一个用于扫描代码并检查代码质量的插件。 CloudBees Jenkins SonarQube Scanner Plugin 2.8及之前版本中的SonarInstallation.java文件存在未明漏洞，该漏洞源于SonarQube Scanner Plugin以明文形式存储服务器身份验证令牌。攻击者可利用该漏洞获取用于连接SonarQube的凭证。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163

Reference

https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163

Impacted products

Name
CloudBees Jenkins SonarQube Scanner Plugin <=2.8

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-1000425"
    }
  },
  "description": "CloudBees Jenkins\uff08\u524d\u79f0Hudson Labs\uff09\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002SonarQube Scanner Plugin\u662f\u4f7f\u7528\u5728\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u626b\u63cf\u4ee3\u7801\u5e76\u68c0\u67e5\u4ee3\u7801\u8d28\u91cf\u7684\u63d2\u4ef6\u3002\n\nCloudBees Jenkins SonarQube Scanner Plugin 2.8\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684SonarInstallation.java\u6587\u4ef6\u5b58\u5728\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSonarQube Scanner Plugin\u4ee5\u660e\u6587\u5f62\u5f0f\u5b58\u50a8\u670d\u52a1\u5668\u8eab\u4efd\u9a8c\u8bc1\u4ee4\u724c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u4e8e\u8fde\u63a5SonarQube\u7684\u51ed\u8bc1\u3002",
  "discovererName": "Zhao Xiaojie",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-23824",
  "openTime": "2019-07-22",
  "patchDescription": "CloudBees Jenkins\uff08\u524d\u79f0Hudson Labs\uff09\u662f\u7f8e\u56fdCloudBees\u516c\u53f8\u7684\u4e00\u5957\u57fa\u4e8eJava\u5f00\u53d1\u7684\u6301\u7eed\u96c6\u6210\u5de5\u5177\uff0c\u5b83\u4e3b\u8981\u7528\u4e8e\u76d1\u63a7\u6301\u7eed\u7684\u8f6f\u4ef6\u7248\u672c\u53d1\u5e03/\u6d4b\u8bd5\u9879\u76ee\u548c\u4e00\u4e9b\u5b9a\u65f6\u6267\u884c\u7684\u4efb\u52a1\u3002SonarQube Scanner Plugin\u662f\u4f7f\u7528\u5728\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8e\u626b\u63cf\u4ee3\u7801\u5e76\u68c0\u67e5\u4ee3\u7801\u8d28\u91cf\u7684\u63d2\u4ef6\u3002\r\n\r\nCloudBees Jenkins SonarQube Scanner Plugin 2.8\u53ca\u4e4b\u524d\u7248\u672c\u4e2d\u7684SonarInstallation.java\u6587\u4ef6\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8eSonarQube Scanner Plugin\u4ee5\u660e\u6587\u5f62\u5f0f\u5b58\u50a8\u670d\u52a1\u5668\u8eab\u4efd\u9a8c\u8bc1\u4ee4\u724c\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u83b7\u53d6\u7528\u4e8e\u8fde\u63a5SonarQube\u7684\u51ed\u8bc1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "CloudBees Jenkins SonarQube Scanner Plugin\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "CloudBees Jenkins SonarQube Scanner Plugin \u003c=2.8"
  },
  "referenceLink": "https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163",
  "serverity": "\u4f4e",
  "submitTime": "2019-01-11",
  "title": "CloudBees Jenkins SonarQube Scanner Plugin\u8eab\u4efd\u9a8c\u8bc1\u6f0f\u6d1e"
}

CVE-2018-1000425 (GCVE-0-2018-1000425)

Vulnerability from cvelistv5 – Published: 2019-01-09 23:00 – Updated: 2024-08-05 12:40

Summary

An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	http://www.securityfocus.com/bid/106532	vdb-entryx_refsource_BID
	https://jenkins.io/security/advisory/2018-09-25/#…	x_refsource_CONFIRM

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:40:46.979Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "106532",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/106532"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-12-28T00:00:00",
      "datePublic": "2018-09-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-01-14T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "106532",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/106532"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2018-12-28T04:34:37.686252",
          "ID": "CVE-2018-1000425",
          "REQUESTER": "ml@beckweb.net",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An insufficiently protected credentials vulnerability exists in Jenkins SonarQube Scanner Plugin 2.8 and earlier in SonarInstallation.java that allows attackers with local file system access to obtain the credentials used to connect to SonarQube."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "106532",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/106532"
            },
            {
              "name": "https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163",
              "refsource": "CONFIRM",
              "url": "https://jenkins.io/security/advisory/2018-09-25/#SECURITY-1163"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000425",
    "datePublished": "2019-01-09T23:00:00",
    "dateReserved": "2019-01-09T00:00:00",
    "dateUpdated": "2024-08-05T12:40:46.979Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-23824

CVE-2018-1000425 (GCVE-0-2018-1000425)

Tags

Sightings

Nomenclature