cvelistv5 - cve-2024-34146

cve-2024-34146

Vulnerability from cvelistv5

Published

2024-05-02 13:28

Modified

2025-02-13 17:52

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS score ?

0.17% (0.35434)

Summary

Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.

References

▼	URL	Tags
	jenkinsci-cert@googlegroups.com	http://www.openwall.com/lists/oss-security/2024/05/02/3
	jenkinsci-cert@googlegroups.com	https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/05/02/3
	af854a3a-2127-422b-91ae-364da2661108	https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Git server Plugin	Version: 0

Show details on NVD website

JSON

To clipboard

{
   containers: {
      adp: [
         {
            affected: [
               {
                  cpes: [
                     "cpe:2.3:a:jenkins:git_server:*:*:*:*:*:jenkins:*:*",
                  ],
                  defaultStatus: "unknown",
                  product: "git_server",
                  vendor: "jenkins",
                  versions: [
                     {
                        status: "affected",
                        version: "*",
                     },
                  ],
               },
            ],
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "NETWORK",
                     availabilityImpact: "NONE",
                     baseScore: 6.5,
                     baseSeverity: "MEDIUM",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "NONE",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2024-34146",
                        options: [
                           {
                              Exploitation: "none",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "partial",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2024-05-02T17:09:58.629309Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-269",
                        description: "CWE-269 Improper Privilege Management",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
               {
                  descriptions: [
                     {
                        cweId: "CWE-863",
                        description: "CWE-863 Incorrect Authorization",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
               {
                  descriptions: [
                     {
                        cweId: "CWE-862",
                        description: "CWE-862 Missing Authorization",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2024-06-04T17:41:47.091Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
         {
            providerMetadata: {
               dateUpdated: "2024-08-02T02:42:59.969Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "Jenkins Security Advisory 2024-05-02",
                  tags: [
                     "vendor-advisory",
                     "x_transferred",
                  ],
                  url: "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342",
               },
               {
                  tags: [
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2024/05/02/3",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               defaultStatus: "unaffected",
               product: "Jenkins Git server Plugin",
               vendor: "Jenkins Project",
               versions: [
                  {
                     lessThanOrEqual: "114.v068a_c7cc2574",
                     status: "affected",
                     version: "0",
                     versionType: "maven",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.",
            },
         ],
         providerMetadata: {
            dateUpdated: "2024-05-02T13:30:10.732Z",
            orgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
            shortName: "jenkins",
         },
         references: [
            {
               name: "Jenkins Security Advisory 2024-05-02",
               tags: [
                  "vendor-advisory",
               ],
               url: "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342",
            },
            {
               url: "http://www.openwall.com/lists/oss-security/2024/05/02/3",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
      assignerShortName: "jenkins",
      cveId: "CVE-2024-34146",
      datePublished: "2024-05-02T13:28:04.598Z",
      dateReserved: "2024-04-30T20:53:08.612Z",
      dateUpdated: "2025-02-13T17:52:25.963Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
   "vulnerability-lookup:meta": {
      fkie_nvd: {
         descriptions: "[{\"lang\": \"en\", \"value\": \"Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.\"}, {\"lang\": \"es\", \"value\": \"Jenkins Git server Plugin 114.v068a_c7cc2574 y versiones anteriores no realiza una verificaci\\u00f3n de permisos para el acceso de lectura a un repositorio Git a trav\\u00e9s de SSH, lo que permite a los atacantes con una clave p\\u00fablica SSH previamente configurada pero que carecen de permiso general/lectura acceder a estos repositorios.\"}]",
         id: "CVE-2024-34146",
         lastModified: "2024-11-21T09:18:11.610",
         metrics: "{\"cvssMetricV31\": [{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 3.6}]}",
         published: "2024-05-02T14:15:10.380",
         references: "[{\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/02/3\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\", \"source\": \"jenkinsci-cert@googlegroups.com\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/02/3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
         sourceIdentifier: "jenkinsci-cert@googlegroups.com",
         vulnStatus: "Awaiting Analysis",
         weaknesses: "[{\"source\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-269\"}, {\"lang\": \"en\", \"value\": \"CWE-862\"}, {\"lang\": \"en\", \"value\": \"CWE-863\"}]}]",
      },
      nvd: "{\"cve\":{\"id\":\"CVE-2024-34146\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2024-05-02T14:15:10.380\",\"lastModified\":\"2024-11-21T09:18:11.610\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.\"},{\"lang\":\"es\",\"value\":\"Jenkins Git server Plugin 114.v068a_c7cc2574 y versiones anteriores no realiza una verificación de permisos para el acceso de lectura a un repositorio Git a través de SSH, lo que permite a los atacantes con una clave pública SSH previamente configurada pero que carecen de permiso general/lectura acceder a estos repositorios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"},{\"lang\":\"en\",\"value\":\"CWE-862\"},{\"lang\":\"en\",\"value\":\"CWE-863\"}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/02/3\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\",\"source\":\"jenkinsci-cert@googlegroups.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/05/02/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
      vulnrichment: {
         containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\", \"name\": \"Jenkins Security Advisory 2024-05-02\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/02/3\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T02:42:59.969Z\"}}, {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-34146\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-02T17:09:58.629309Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:jenkins:git_server:*:*:*:*:*:jenkins:*:*\"], \"vendor\": \"jenkins\", \"product\": \"git_server\", \"versions\": [{\"status\": \"affected\", \"version\": \"*\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-863\", \"description\": \"CWE-863 Incorrect Authorization\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-862\", \"description\": \"CWE-862 Missing Authorization\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-02T17:06:56.845Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"affected\": [{\"vendor\": \"Jenkins Project\", \"product\": \"Jenkins Git server Plugin\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"maven\", \"lessThanOrEqual\": \"114.v068a_c7cc2574\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342\", \"name\": \"Jenkins Security Advisory 2024-05-02\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/05/02/3\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.\"}], \"providerMetadata\": {\"orgId\": \"39769cd5-e6e2-4dc8-927e-97b3aa056f5b\", \"shortName\": \"jenkins\", \"dateUpdated\": \"2024-05-02T13:30:10.732Z\"}}}",
         cveMetadata: "{\"cveId\": \"CVE-2024-34146\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-13T17:52:25.963Z\", \"dateReserved\": \"2024-04-30T20:53:08.612Z\", \"assignerOrgId\": \"39769cd5-e6e2-4dc8-927e-97b3aa056f5b\", \"datePublished\": \"2024-05-02T13:28:04.598Z\", \"assignerShortName\": \"jenkins\"}",
         dataType: "CVE_RECORD",
         dataVersion: "5.1",
      },
   },
}

WID-SEC-W-2024-1018

Vulnerability from csaf_certbund

Published

2024-05-02 22:00

Modified

2024-11-05 23:00

Summary

Jenkins: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um beliebigen Code im Kontext des Dienstes auszuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um beliebigen Code im Kontext des Dienstes auszuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1018 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1018.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1018 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1018",
         },
         {
            category: "external",
            summary: "Jenkins Security Advisory  vom 2024-05-02",
            url: "https://www.jenkins.io/security/advisory/2024-05-02/",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:3634 vom 2024-06-05",
            url: "https://access.redhat.com/errata/RHSA-2024:3634",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:3636 vom 2024-06-05",
            url: "https://access.redhat.com/errata/RHSA-2024:3636",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4597 vom 2024-07-19",
            url: "https://access.redhat.com/errata/RHSA-2024:4597",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8886 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8886",
         },
      ],
      source_lang: "en-US",
      title: "Jenkins: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-11-05T23:00:00.000+00:00",
         generator: {
            date: "2024-11-06T11:43:44.089+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.8",
            },
         },
         id: "WID-SEC-W-2024-1018",
         initial_release_date: "2024-05-02T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-05-02T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-06-05T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-07-21T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-11-05T23:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "Git server Plugin <117.veb_68868fa_027",
                        product: {
                           name: "Jenkins Jenkins Git server Plugin <117.veb_68868fa_027",
                           product_id: "T034519",
                        },
                     },
                     {
                        category: "product_version",
                        name: "Git server Plugin 117.veb_68868fa_027",
                        product: {
                           name: "Jenkins Jenkins Git server Plugin 117.veb_68868fa_027",
                           product_id: "T034519-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:cloudbees:jenkins:git_server_plugin__117.veb_68868fa_027",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Script Security Plugin <1336.vf33a_a_9863911",
                        product: {
                           name: "Jenkins Jenkins Script Security Plugin <1336.vf33a_a_9863911",
                           product_id: "T034520",
                        },
                     },
                     {
                        category: "product_version",
                        name: "Script Security Plugin 1336.vf33a_a_9863911",
                        product: {
                           name: "Jenkins Jenkins Script Security Plugin 1336.vf33a_a_9863911",
                           product_id: "T034520-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:cloudbees:jenkins:script_security_plugin__1336.vf33a_a_9863911",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Subversion Partial Release Manager Plugin <=1.0.1",
                        product: {
                           name: "Jenkins Jenkins Subversion Partial Release Manager Plugin <=1.0.1",
                           product_id: "T034521",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Subversion Partial Release Manager Plugin <=1.0.1",
                        product: {
                           name: "Jenkins Jenkins Subversion Partial Release Manager Plugin <=1.0.1",
                           product_id: "T034521-fixed",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Telegram Bot Plugin <=1.4.0",
                        product: {
                           name: "Jenkins Jenkins Telegram Bot Plugin <=1.4.0",
                           product_id: "T034522",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Telegram Bot Plugin <=1.4.0",
                        product: {
                           name: "Jenkins Jenkins Telegram Bot Plugin <=1.4.0",
                           product_id: "T034522-fixed",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Jenkins",
               },
            ],
            category: "vendor",
            name: "Jenkins",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-34144",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Jenkins. Diese Fehler bestehen im Script Security Plugin aufgrund eines unsachgemäßen Sandbox-Schutzes, der es erlaubt, Skripte mit Sandbox zu definieren und auszuführen. Ein entfernter, authentifizierter Angreifer kann den Sandbox-Schutz umgehen und beliebigen Code im Kontext der Jenkins-Controller-JVM ausführen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034520",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34144",
      },
      {
         cve: "CVE-2024-34145",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Jenkins. Diese Fehler bestehen im Script Security Plugin aufgrund eines unsachgemäßen Sandbox-Schutzes, der es erlaubt, Skripte mit Sandbox zu definieren und auszuführen. Ein entfernter, authentifizierter Angreifer kann den Sandbox-Schutz umgehen und beliebigen Code im Kontext der Jenkins-Controller-JVM ausführen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034520",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34145",
      },
      {
         cve: "CVE-2024-34146",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht im Git-Server-Plugin aufgrund einer unzureichenden Berechtigungsprüfung, die den Zugriff auf Git-Repositories ermöglicht. Ein entfernter, anonymer Angreifer mit einem zuvor konfigurierten öffentlichen SSH-Schlüssel kann die Sicherheitsmaßnahmen umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034519",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34146",
      },
      {
         cve: "CVE-2024-34147",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht im Telegram Bot Plugin, da unverschlüsselte Token in der globalen Konfigurationsdatei gespeichert werden. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
            ],
            last_affected: [
               "T034522",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34147",
      },
      {
         cve: "CVE-2024-34148",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht aufgrund eines falschen Patches für eine frühere Schwachstelle im Subversion Partial Release Manager Plugin, der es ermöglicht, den Sicherheitsschutz zu deaktivieren. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
            ],
            last_affected: [
               "T034521",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34148",
      },
   ],
}

wid-sec-w-2024-1018

Vulnerability from csaf_certbund

Published

2024-05-02 22:00

Modified

2024-11-05 23:00

Summary

Jenkins: Mehrere Schwachstellen

Notes

Produktbeschreibung

Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um beliebigen Code im Kontext des Dienstes auszuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.

Betroffene Betriebssysteme

- Linux - UNIX - Windows

JSON

To clipboard

{
   document: {
      aggregate_severity: {
         text: "hoch",
      },
      category: "csaf_base",
      csaf_version: "2.0",
      distribution: {
         tlp: {
            label: "WHITE",
            url: "https://www.first.org/tlp/",
         },
      },
      lang: "de-DE",
      notes: [
         {
            category: "legal_disclaimer",
            text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.",
         },
         {
            category: "description",
            text: "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.",
            title: "Produktbeschreibung",
         },
         {
            category: "summary",
            text: "Ein Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um beliebigen Code im Kontext des Dienstes auszuführen, Sicherheitsmaßnahmen zu umgehen oder vertrauliche Informationen offenzulegen.",
            title: "Angriff",
         },
         {
            category: "general",
            text: "- Linux\n- UNIX\n- Windows",
            title: "Betroffene Betriebssysteme",
         },
      ],
      publisher: {
         category: "other",
         contact_details: "csaf-provider@cert-bund.de",
         name: "Bundesamt für Sicherheit in der Informationstechnik",
         namespace: "https://www.bsi.bund.de",
      },
      references: [
         {
            category: "self",
            summary: "WID-SEC-W-2024-1018 - CSAF Version",
            url: "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1018.json",
         },
         {
            category: "self",
            summary: "WID-SEC-2024-1018 - Portal Version",
            url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1018",
         },
         {
            category: "external",
            summary: "Jenkins Security Advisory  vom 2024-05-02",
            url: "https://www.jenkins.io/security/advisory/2024-05-02/",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:3634 vom 2024-06-05",
            url: "https://access.redhat.com/errata/RHSA-2024:3634",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:3636 vom 2024-06-05",
            url: "https://access.redhat.com/errata/RHSA-2024:3636",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:4597 vom 2024-07-19",
            url: "https://access.redhat.com/errata/RHSA-2024:4597",
         },
         {
            category: "external",
            summary: "Red Hat Security Advisory RHSA-2024:8886 vom 2024-11-05",
            url: "https://access.redhat.com/errata/RHSA-2024:8886",
         },
      ],
      source_lang: "en-US",
      title: "Jenkins: Mehrere Schwachstellen",
      tracking: {
         current_release_date: "2024-11-05T23:00:00.000+00:00",
         generator: {
            date: "2024-11-06T11:43:44.089+00:00",
            engine: {
               name: "BSI-WID",
               version: "1.3.8",
            },
         },
         id: "WID-SEC-W-2024-1018",
         initial_release_date: "2024-05-02T22:00:00.000+00:00",
         revision_history: [
            {
               date: "2024-05-02T22:00:00.000+00:00",
               number: "1",
               summary: "Initiale Fassung",
            },
            {
               date: "2024-06-05T22:00:00.000+00:00",
               number: "2",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-07-21T22:00:00.000+00:00",
               number: "3",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
            {
               date: "2024-11-05T23:00:00.000+00:00",
               number: "4",
               summary: "Neue Updates von Red Hat aufgenommen",
            },
         ],
         status: "final",
         version: "4",
      },
   },
   product_tree: {
      branches: [
         {
            branches: [
               {
                  branches: [
                     {
                        category: "product_version_range",
                        name: "Git server Plugin <117.veb_68868fa_027",
                        product: {
                           name: "Jenkins Jenkins Git server Plugin <117.veb_68868fa_027",
                           product_id: "T034519",
                        },
                     },
                     {
                        category: "product_version",
                        name: "Git server Plugin 117.veb_68868fa_027",
                        product: {
                           name: "Jenkins Jenkins Git server Plugin 117.veb_68868fa_027",
                           product_id: "T034519-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:cloudbees:jenkins:git_server_plugin__117.veb_68868fa_027",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Script Security Plugin <1336.vf33a_a_9863911",
                        product: {
                           name: "Jenkins Jenkins Script Security Plugin <1336.vf33a_a_9863911",
                           product_id: "T034520",
                        },
                     },
                     {
                        category: "product_version",
                        name: "Script Security Plugin 1336.vf33a_a_9863911",
                        product: {
                           name: "Jenkins Jenkins Script Security Plugin 1336.vf33a_a_9863911",
                           product_id: "T034520-fixed",
                           product_identification_helper: {
                              cpe: "cpe:/a:cloudbees:jenkins:script_security_plugin__1336.vf33a_a_9863911",
                           },
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Subversion Partial Release Manager Plugin <=1.0.1",
                        product: {
                           name: "Jenkins Jenkins Subversion Partial Release Manager Plugin <=1.0.1",
                           product_id: "T034521",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Subversion Partial Release Manager Plugin <=1.0.1",
                        product: {
                           name: "Jenkins Jenkins Subversion Partial Release Manager Plugin <=1.0.1",
                           product_id: "T034521-fixed",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Telegram Bot Plugin <=1.4.0",
                        product: {
                           name: "Jenkins Jenkins Telegram Bot Plugin <=1.4.0",
                           product_id: "T034522",
                        },
                     },
                     {
                        category: "product_version_range",
                        name: "Telegram Bot Plugin <=1.4.0",
                        product: {
                           name: "Jenkins Jenkins Telegram Bot Plugin <=1.4.0",
                           product_id: "T034522-fixed",
                        },
                     },
                  ],
                  category: "product_name",
                  name: "Jenkins",
               },
            ],
            category: "vendor",
            name: "Jenkins",
         },
         {
            branches: [
               {
                  category: "product_name",
                  name: "Red Hat Enterprise Linux",
                  product: {
                     name: "Red Hat Enterprise Linux",
                     product_id: "67646",
                     product_identification_helper: {
                        cpe: "cpe:/o:redhat:enterprise_linux:-",
                     },
                  },
               },
            ],
            category: "vendor",
            name: "Red Hat",
         },
      ],
   },
   vulnerabilities: [
      {
         cve: "CVE-2024-34144",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Jenkins. Diese Fehler bestehen im Script Security Plugin aufgrund eines unsachgemäßen Sandbox-Schutzes, der es erlaubt, Skripte mit Sandbox zu definieren und auszuführen. Ein entfernter, authentifizierter Angreifer kann den Sandbox-Schutz umgehen und beliebigen Code im Kontext der Jenkins-Controller-JVM ausführen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034520",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34144",
      },
      {
         cve: "CVE-2024-34145",
         notes: [
            {
               category: "description",
               text: "Es bestehen mehrere Schwachstellen in Jenkins. Diese Fehler bestehen im Script Security Plugin aufgrund eines unsachgemäßen Sandbox-Schutzes, der es erlaubt, Skripte mit Sandbox zu definieren und auszuführen. Ein entfernter, authentifizierter Angreifer kann den Sandbox-Schutz umgehen und beliebigen Code im Kontext der Jenkins-Controller-JVM ausführen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034520",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34145",
      },
      {
         cve: "CVE-2024-34146",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht im Git-Server-Plugin aufgrund einer unzureichenden Berechtigungsprüfung, die den Zugriff auf Git-Repositories ermöglicht. Ein entfernter, anonymer Angreifer mit einem zuvor konfigurierten öffentlichen SSH-Schlüssel kann die Sicherheitsmaßnahmen umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
               "T034519",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34146",
      },
      {
         cve: "CVE-2024-34147",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht im Telegram Bot Plugin, da unverschlüsselte Token in der globalen Konfigurationsdatei gespeichert werden. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um vertrauliche Informationen offenzulegen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
            ],
            last_affected: [
               "T034522",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34147",
      },
      {
         cve: "CVE-2024-34148",
         notes: [
            {
               category: "description",
               text: "Es besteht eine Schwachstelle in Jenkins. Dieser Fehler besteht aufgrund eines falschen Patches für eine frühere Schwachstelle im Subversion Partial Release Manager Plugin, der es ermöglicht, den Sicherheitsschutz zu deaktivieren. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um Sicherheitsmaßnahmen zu umgehen.",
            },
         ],
         product_status: {
            known_affected: [
               "67646",
            ],
            last_affected: [
               "T034521",
            ],
         },
         release_date: "2024-05-02T22:00:00.000+00:00",
         title: "CVE-2024-34148",
      },
   ],
}

ghsa-xh9c-vcf9-h94m

Vulnerability from github

Published

2024-05-02 15:30

Modified

2024-07-03 20:10

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Summary

Jenkins Git server Plugin does not perform a permission check

Details

Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH.

This allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git repositories.

Git server Plugin 117.veb_68868fa_027 requires Overall/Read permission to access Git repositories over SSH.

Show details on source website

JSON

To clipboard

{
   affected: [
      {
         package: {
            ecosystem: "Maven",
            name: "org.jenkins-ci.plugins:git-server",
         },
         ranges: [
            {
               events: [
                  {
                     introduced: "0",
                  },
                  {
                     fixed: "117.veb",
                  },
               ],
               type: "ECOSYSTEM",
            },
         ],
      },
   ],
   aliases: [
      "CVE-2024-34146",
   ],
   database_specific: {
      cwe_ids: [
         "CWE-269",
      ],
      github_reviewed: true,
      github_reviewed_at: "2024-05-03T20:16:28Z",
      nvd_published_at: "2024-05-02T14:15:10Z",
      severity: "MODERATE",
   },
   details: "Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH.\n\nThis allows attackers with a previously configured SSH public key but lacking Overall/Read permission to access Git repositories.\n\nGit server Plugin 117.veb_68868fa_027 requires Overall/Read permission to access Git repositories over SSH.",
   id: "GHSA-xh9c-vcf9-h94m",
   modified: "2024-07-03T20:10:32Z",
   published: "2024-05-02T15:30:35Z",
   references: [
      {
         type: "ADVISORY",
         url: "https://nvd.nist.gov/vuln/detail/CVE-2024-34146",
      },
      {
         type: "WEB",
         url: "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342",
      },
      {
         type: "WEB",
         url: "http://www.openwall.com/lists/oss-security/2024/05/02/3",
      },
   ],
   schema_version: "1.4.0",
   severity: [
      {
         score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
         type: "CVSS_V3",
      },
   ],
   summary: "Jenkins Git server Plugin does not perform a permission check",
}

fkie_cve-2024-34146

Vulnerability from fkie_nvd

Published

2024-05-02 14:15

Modified

2024-11-21 09:18

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Summary

References

▼	URL	Tags
	jenkinsci-cert@googlegroups.com	http://www.openwall.com/lists/oss-security/2024/05/02/3
	jenkinsci-cert@googlegroups.com	https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/05/02/3
	af854a3a-2127-422b-91ae-364da2661108	https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Jenkins Git server Plugin 114.v068a_c7cc2574 and earlier does not perform a permission check for read access to a Git repository over SSH, allowing attackers with a previously configured SSH public key but lacking Overall/Read permission to access these repositories.",
      },
      {
         lang: "es",
         value: "Jenkins Git server Plugin 114.v068a_c7cc2574 y versiones anteriores no realiza una verificación de permisos para el acceso de lectura a un repositorio Git a través de SSH, lo que permite a los atacantes con una clave pública SSH previamente configurada pero que carecen de permiso general/lectura acceder a estos repositorios.",
      },
   ],
   id: "CVE-2024-34146",
   lastModified: "2024-11-21T09:18:11.610",
   metrics: {
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 6.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.8,
            impactScore: 3.6,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2024-05-02T14:15:10.380",
   references: [
      {
         source: "jenkinsci-cert@googlegroups.com",
         url: "http://www.openwall.com/lists/oss-security/2024/05/02/3",
      },
      {
         source: "jenkinsci-cert@googlegroups.com",
         url: "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.openwall.com/lists/oss-security/2024/05/02/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342",
      },
   ],
   sourceIdentifier: "jenkinsci-cert@googlegroups.com",
   vulnStatus: "Awaiting Analysis",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-269",
            },
            {
               lang: "en",
               value: "CWE-862",
            },
            {
               lang: "en",
               value: "CWE-863",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2024-34146

Vulnerability from cvelistv5

WID-SEC-W-2024-1018

Vulnerability from csaf_certbund

wid-sec-w-2024-1018

Vulnerability from csaf_certbund

ghsa-xh9c-vcf9-h94m

Vulnerability from github

fkie_cve-2024-34146

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature