ghsa-5ghv-wxh9-7356
Vulnerability from github
Published
2023-06-14 15:30
Modified
2023-06-14 20:33
Severity
4.2 (Medium) - CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
Summary
Jenkins Digital.ai App Management Publisher Plugin missing permission checks
Details

Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Show details on source website

To clipboard 

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:ease-plugin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "2.6"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-35149"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-862"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-06-14T20:33:37Z",
    "nvd_published_at": "2023-06-14T13:15:12Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints.\n\nThis allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.\n\nAdditionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.",
  "id": "GHSA-5ghv-wxh9-7356",
  "modified": "2023-06-14T20:33:37Z",
  "published": "2023-06-14T15:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-35149"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-06-14/#SECURITY-2911"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/06/14/5"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Digital.ai App Management Publisher Plugin missing permission checks"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.