github - ghsa-6gp4-2f92-j2w5

ghsa-6gp4-2f92-j2w5

Vulnerability from github

Published

2023-05-16 18:30

Modified

2023-05-17 02:59

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

Jenkins Email Extension Plugin missing permission check

Details

Jenkins Email Extension Plugin 2.96 and earlier does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.

This form validation method requires the appropriate permission in Email Extension Plugin 2.96.1.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:email-ext"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.96.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-32979"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-732"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-05-17T02:59:02Z",
    "nvd_published_at": "2023-05-16T16:15:10Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Email Extension Plugin 2.96 and earlier does not perform a permission check in a method implementing form validation.\n\nThis allows attackers with Overall/Read permission to check for the existence of files in the `email-templates/` directory in the Jenkins home directory on the controller file system.\n\nThis form validation method requires the appropriate permission in Email Extension Plugin 2.96.1.",
  "id": "GHSA-6gp4-2f92-j2w5",
  "modified": "2023-05-17T02:59:02Z",
  "published": "2023-05-16T18:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32979"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Email Extension Plugin missing permission check"
}

cve-2023-32979

Vulnerability from cvelistv5

Published

2023-05-16 16:00

Modified

2024-08-02 15:32

Severity ?

Summary

Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.

References

▼	URL	Tags
	https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)	vendor-advisory

Impacted products

▼	Vendor	Product
	Jenkins Project	Jenkins Email Extension Plugin

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T15:32:46.506Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Jenkins Security Advisory 2023-05-16",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "affected",
          "product": "Jenkins Email Extension Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.96.1",
              "versionType": "maven"
            },
            {
              "lessThan": "2.89.0.*",
              "status": "unaffected",
              "version": "2.89.0.2",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-24T12:49:58.935Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2023-05-16",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3088%20(1)"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2023-32979",
    "datePublished": "2023-05-16T16:00:00.471Z",
    "dateReserved": "2023-05-16T10:55:43.518Z",
    "dateUpdated": "2024-08-02T15:32:46.506Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted