csaf_certbund - wid-sec-w-2024-3456

WID-SEC-W-2024-3456

Vulnerability from csaf_certbund - Published: 2024-11-13 23:00 - Updated: 2025-03-04 23:00

Summary

Jenkins Plugins: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.

Angriff

Ein entfernter authentisierter Angreifer oder ein anonymer Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um Dateien zu manipulieren, vertrauliche Informationen preiszugeben, beliebigen Code auszuführen, sich erhöhte Rechte zu verschaffen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme

- Sonstiges - UNIX - Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterst\u00fctzung bei Softwareentwicklungen aller Art.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter authentisierter Angreifer oder ein anonymer Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um Dateien zu manipulieren, vertrauliche Informationen preiszugeben, beliebigen Code auszuf\u00fchren, sich erh\u00f6hte Rechte zu verschaffen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX\n- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3456 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3456.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3456 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3456"
      },
      {
        "category": "external",
        "summary": "Jenkins Security Advisory vom 2024-11-13",
        "url": "https://www.jenkins.io/security/advisory/2024-11-13/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2222 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2222"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2218 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2218"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2219 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2219"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2220 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2220"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2221 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2221"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:2223 vom 2025-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2025:2223"
      }
    ],
    "source_lang": "en-US",
    "title": "Jenkins Plugins: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-03-04T23:00:00.000+00:00",
      "generator": {
        "date": "2025-03-05T09:38:49.569+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.12"
        }
      },
      "id": "WID-SEC-W-2024-3456",
      "initial_release_date": "2024-11-13T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-13T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2025-03-04T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Authorize Project Plugin \u003c1.8.0",
                "product": {
                  "name": "Jenkins Jenkins Authorize Project Plugin \u003c1.8.0",
                  "product_id": "T039140"
                }
              },
              {
                "category": "product_version",
                "name": "Authorize Project Plugin 1.8.0",
                "product": {
                  "name": "Jenkins Jenkins Authorize Project Plugin 1.8.0",
                  "product_id": "T039140-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:authorize_project_plugin__1.8.0"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "IvyTrigger Plugin \u003c1.02",
                "product": {
                  "name": "Jenkins Jenkins IvyTrigger Plugin \u003c1.02",
                  "product_id": "T039141"
                }
              },
              {
                "category": "product_version",
                "name": "IvyTrigger Plugin 1.02",
                "product": {
                  "name": "Jenkins Jenkins IvyTrigger Plugin 1.02",
                  "product_id": "T039141-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:ivytrigger_plugin__1.02"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "OpenId Connect Authentication Plugin \u003c.421.v5422614eb_e0a_",
                "product": {
                  "name": "Jenkins Jenkins OpenId Connect Authentication Plugin \u003c.421.v5422614eb_e0a_",
                  "product_id": "T039142"
                }
              },
              {
                "category": "product_version",
                "name": "OpenId Connect Authentication Plugin .421.v5422614eb_e0a_",
                "product": {
                  "name": "Jenkins Jenkins OpenId Connect Authentication Plugin .421.v5422614eb_e0a_",
                  "product_id": "T039142-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:openid_connect_authentication_plugin__.421.v5422614eb_e0a_"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Pipeline Declarative Plugin \u003c2.2218.v56d0cda_37c72",
                "product": {
                  "name": "Jenkins Jenkins Pipeline Declarative Plugin \u003c2.2218.v56d0cda_37c72",
                  "product_id": "T039143"
                }
              },
              {
                "category": "product_version",
                "name": "Pipeline Declarative Plugin 2.2218.v56d0cda_37c72",
                "product": {
                  "name": "Jenkins Jenkins Pipeline Declarative Plugin 2.2218.v56d0cda_37c72",
                  "product_id": "T039143-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:pipeline_declarative_plugin__2.2218.v56d0cda_37c72"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Pipeline Groovy Plugin \u003c3993.v3e20a_37282f8",
                "product": {
                  "name": "Jenkins Jenkins Pipeline Groovy Plugin \u003c3993.v3e20a_37282f8",
                  "product_id": "T039144"
                }
              },
              {
                "category": "product_version",
                "name": "Pipeline Groovy Plugin 3993.v3e20a_37282f8",
                "product": {
                  "name": "Jenkins Jenkins Pipeline Groovy Plugin 3993.v3e20a_37282f8",
                  "product_id": "T039144-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:pipeline_groovy_plugin__3993.v3e20a_37282f8"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Shared Library Version Override Plugin \u003c19.v3a_c975738d4a_",
                "product": {
                  "name": "Jenkins Jenkins Shared Library Version Override Plugin \u003c19.v3a_c975738d4a_",
                  "product_id": "T039146"
                }
              },
              {
                "category": "product_version",
                "name": "Shared Library Version Override Plugin 19.v3a_c975738d4a_",
                "product": {
                  "name": "Jenkins Jenkins Shared Library Version Override Plugin 19.v3a_c975738d4a_",
                  "product_id": "T039146-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:shared_library_version_override_plugin__19.v3a_c975738d4a_"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Script Security Plugin \u003c1368.vb_b_402e3547e7",
                "product": {
                  "name": "Jenkins Jenkins Script Security Plugin \u003c1368.vb_b_402e3547e7",
                  "product_id": "T039147"
                }
              },
              {
                "category": "product_version",
                "name": "Script Security Plugin 1368.vb_b_402e3547e7",
                "product": {
                  "name": "Jenkins Jenkins Script Security Plugin 1368.vb_b_402e3547e7",
                  "product_id": "T039147-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:script_security_plugin__1368.vb_b_402e3547e7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Jenkins"
          }
        ],
        "category": "vendor",
        "name": "Jenkins"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-46751",
      "product_status": {
        "known_affected": [
          "T039141",
          "67646"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2022-46751"
    },
    {
      "cve": "CVE-2024-52549",
      "product_status": {
        "known_affected": [
          "67646",
          "T039147"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52549"
    },
    {
      "cve": "CVE-2024-52550",
      "product_status": {
        "known_affected": [
          "T039144",
          "T039143",
          "67646"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52550"
    },
    {
      "cve": "CVE-2024-52551",
      "product_status": {
        "known_affected": [
          "T039144",
          "T039143",
          "67646"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52551"
    },
    {
      "cve": "CVE-2024-52552",
      "product_status": {
        "known_affected": [
          "67646",
          "T039140"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52552"
    },
    {
      "cve": "CVE-2024-52553",
      "product_status": {
        "known_affected": [
          "T039142",
          "67646"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52553"
    },
    {
      "cve": "CVE-2024-52554",
      "product_status": {
        "known_affected": [
          "67646",
          "T039146"
        ]
      },
      "release_date": "2024-11-13T23:00:00.000+00:00",
      "title": "CVE-2024-52554"
    }
  ]
}

CVE-2024-52553 (GCVE-0-2024-52553)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-13 21:38

Summary

Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-613 - Insufficient Session Expiration

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins OpenId Connect Authentication Plugin	Affected: 0 , ≤ 4.418.vccc7061f5b_6d (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jenkins:openid:-:*:*:*:*:jenkins:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "openid",
            "vendor": "jenkins",
            "versions": [
              {
                "lessThanOrEqual": "4.418.vccc7061f5b_6d",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52553",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T21:38:03.003277Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-613",
                "description": "CWE-613 Insufficient Session Expiration",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T21:38:06.118Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins OpenId Connect Authentication Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "4.418.vccc7061f5b_6d",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:02.980Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3473"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52553",
    "datePublished": "2024-11-13T20:53:02.980Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-13T21:38:06.118Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-46751 (GCVE-0-2022-46751)

Vulnerability from cvelistv5 – Published: 2023-08-21 06:55 – Updated: 2025-02-13 16:33

Summary

Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used. This can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways. Starting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed. Users of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about "JAXP Properties for External Access restrictions" inside Oracle's "Java API for XML Processing (JAXP) Security Guide".

Severity ?

No CVSS data available.

CWE

CWE-611 - Improper Restriction of XML External Entity Reference
CWE-91 - XML Injection (aka Blind XPath Injection)

Assigner

apache

References

URL

Tags

	https://docs.oracle.com/en/java/javase/13/securit…	mitigation
	https://gitbox.apache.org/repos/asf?p=ant-ivy.git…	patch
	https://lists.apache.org/thread/9gcz4xrsn8c7o9gb3…	release-notes
	https://lists.apache.org/thread/1dj60hg5nr36kjr4p…	vendor-advisory
	http://www.openwall.com/lists/oss-security/2023/09/06/9

Impacted products

	Vendor	Product	Version
	Apache Software Foundation	Apache Ivy	Affected: 1.0.0 , ≤ 2.5.1 (semver)

Credits

CC Bomber, Kitri BoB Jenkins Security Team

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:39:38.282Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "mitigation",
              "x_transferred"
            ],
            "url": "https://docs.oracle.com/en/java/javase/13/security/java-api-xml-processing-jaxp-security-guide.html#GUID-94ABC0EE-9DC8-44F0-84AD-47ADD5340477"
          },
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://gitbox.apache.org/repos/asf?p=ant-ivy.git;a=commit;h=2be17bc18b0e1d4123007d579e43ba1a4b6fab3d"
          },
          {
            "tags": [
              "release-notes",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/9gcz4xrsn8c7o9gb377xfzvkb8jltffr"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.apache.org/thread/1dj60hg5nr36kjr4p1100dwjrqookps8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/09/06/9"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:apache:ivy:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "ivy",
            "vendor": "apache",
            "versions": [
              {
                "lessThanOrEqual": "2.5.1",
                "status": "affected",
                "version": "1.0.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "LOW",
              "baseScore": 8.2,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-46751",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-27T20:07:17.726856Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-27T20:27:38.791Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Apache Ivy",
          "vendor": "Apache Software Foundation",
          "versions": [
            {
              "lessThanOrEqual": "2.5.1",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "CC Bomber, Kitri BoB"
        },
        {
          "lang": "en",
          "type": "reporter",
          "value": "Jenkins Security Team"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.\u003cp\u003eThis issue affects any version of Apache Ivy prior to 2.5.2.\u003c/p\u003e\u003cp\u003eWhen Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used.\u003c/p\u003e\u003cp\u003eThis can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways.\u003c/p\u003e\u003cp\u003eStarting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed.\u003cbr\u003e\u003c/p\u003e\u003cp\u003eUsers of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about \"JAXP Properties for External Access restrictions\" inside Oracle\u0027s \"Java API for XML Processing (JAXP) Security Guide\".\u003cbr\u003e\u003c/p\u003e"
            }
          ],
          "value": "Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2.\n\nWhen Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used.\n\nThis can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways.\n\nStarting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed.\n\nUsers of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about \"JAXP Properties for External Access restrictions\" inside Oracle\u0027s \"Java API for XML Processing (JAXP) Security Guide\"."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "text": "moderate"
            },
            "type": "Textual description of severity"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-611",
              "description": "CWE-611 Improper Restriction of XML External Entity Reference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-91",
              "description": "CWE-91 XML Injection (aka Blind XPath Injection)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-06T14:06:11.958Z",
        "orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
        "shortName": "apache"
      },
      "references": [
        {
          "tags": [
            "mitigation"
          ],
          "url": "https://docs.oracle.com/en/java/javase/13/security/java-api-xml-processing-jaxp-security-guide.html#GUID-94ABC0EE-9DC8-44F0-84AD-47ADD5340477"
        },
        {
          "tags": [
            "patch"
          ],
          "url": "https://gitbox.apache.org/repos/asf?p=ant-ivy.git;a=commit;h=2be17bc18b0e1d4123007d579e43ba1a4b6fab3d"
        },
        {
          "tags": [
            "release-notes"
          ],
          "url": "https://lists.apache.org/thread/9gcz4xrsn8c7o9gb377xfzvkb8jltffr"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.apache.org/thread/1dj60hg5nr36kjr4p1100dwjrqookps8"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/09/06/9"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2022-11-30T17:54:00.000Z",
          "value": "reported to the ASF security team"
        },
        {
          "lang": "en",
          "time": "2023-08-20T21:00:00.000Z",
          "value": "made public"
        }
      ],
      "title": "Apache Ivy: XML External Entity vulnerability in Apache Ivy",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
    "assignerShortName": "apache",
    "cveId": "CVE-2022-46751",
    "datePublished": "2023-08-21T06:55:00.181Z",
    "dateReserved": "2022-12-07T12:23:31.486Z",
    "dateUpdated": "2025-02-13T16:33:53.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52552 (GCVE-0-2024-52552)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-14 15:00

Summary

Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Authorize Project Plugin	Affected: 0 , ≤ 1.7.2 (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jenkins_project:jenkins_authorize_project_plugin:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jenkins_authorize_project_plugin",
            "vendor": "jenkins_project",
            "versions": [
              {
                "lessThanOrEqual": "1.7.2",
                "status": "affected",
                "version": "0",
                "versionType": "maven"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52552",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T14:56:45.235044Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-79",
                "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T15:00:22.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins Authorize Project Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "1.7.2",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:02.325Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3010"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52552",
    "datePublished": "2024-11-13T20:53:02.325Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-14T15:00:22.308Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52551 (GCVE-0-2024-52551)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-14 15:05

Summary

Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-276 - Incorrect Default Permissions

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Pipeline: Declarative Plugin	Affected: 0 , ≤ 2.2214.vb_b_34b_2ea_9b_83 (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jenkins_project:jenkins_pipeline_declaratrive_plugin:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "jenkins_pipeline_declaratrive_plugin",
            "vendor": "jenkins_project",
            "versions": [
              {
                "lessThanOrEqual": "2.2214.vb_b_34b_2ea_9b_83",
                "status": "affected",
                "version": "0",
                "versionType": "maven"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52551",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-14T15:01:46.015703Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-276",
                "description": "CWE-276 Incorrect Default Permissions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-14T15:05:27.789Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins Pipeline: Declarative Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "2.2214.vb_b_34b_2ea_9b_83",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:01.666Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3361"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52551",
    "datePublished": "2024-11-13T20:53:01.666Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-14T15:05:27.789Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52554 (GCVE-0-2024-52554)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-13 21:36

Summary

Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox protection.

Severity ?

8.8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-862 - Missing Authorization

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Shared Library Version Override Plugin	Affected: 0 , ≤ 17.v786074c9fce7 (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jenkins:shared_library_version_override:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "shared_library_version_override",
            "vendor": "jenkins",
            "versions": [
              {
                "lessThanOrEqual": "17.v786074c9fce7",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52554",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T21:21:30.496245Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T21:36:03.550Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins Shared Library Version Override Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "17.v786074c9fce7",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they\u0027re not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox protection."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:03.613Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3466"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52554",
    "datePublished": "2024-11-13T20:53:03.613Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-13T21:36:03.550Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52549 (GCVE-0-2024-52549)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-13 21:35

Summary

Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the controller file system.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-862 - Missing Authorization

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Script Security Plugin	Affected: 0 , ≤ 1362.v67dc1f0e1b_b_3 (maven) Affected: 1365.v4778ca_84b_de5 Affected: 1366.vd44b_49a_5c85c , ≤ 1367.vdf2fc45f229c (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "LOW",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52549",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T21:35:27.415468Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-862",
                "description": "CWE-862 Missing Authorization",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-13T21:35:30.700Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins Script Security Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "1362.v67dc1f0e1b_b_3",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            },
            {
              "status": "affected",
              "version": "1365.v4778ca_84b_de5"
            },
            {
              "lessThanOrEqual": "1367.vdf2fc45f229c",
              "status": "affected",
              "version": "1366.vd44b_49a_5c85c",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files on the controller file system."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:00.291Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3447"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52549",
    "datePublished": "2024-11-13T20:53:00.291Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-13T21:35:30.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52550 (GCVE-0-2024-52550)

Vulnerability from cvelistv5 – Published: 2024-11-13 20:53 – Updated: 2024-11-26 14:45

Summary

Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE

CWE-354 - Improper Validation of Integrity Check Value

Assigner

jenkins

References

URL

Tags

https://www.jenkins.io/security/advisory/2024-11-…

vendor-advisory

Impacted products

	Vendor	Product	Version
	Jenkins Project	Jenkins Pipeline: Groovy Plugin	Affected: 0 , ≤ 3975.v567e2a_1ffa_22 (maven) Affected: 3990.vd281dd77a_388

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:jenkins:groovy:*:*:*:*:*:jenkins:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "groovy",
            "vendor": "jenkins",
            "versions": [
              {
                "lessThanOrEqual": "3975.v567e2a_1ffa_22",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              },
              {
                "status": "affected",
                "version": "3990.vd281dd77a_388"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-52550",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-13T21:27:04.283276Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-354",
                "description": "CWE-354 Improper Validation of Integrity Check Value",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T14:45:03.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins Pipeline: Groovy Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "3975.v567e2a_1ffa_22",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            },
            {
              "status": "affected",
              "version": "3990.vd281dd77a_388"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-13T20:53:00.972Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2024-11-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2024-11-13/#SECURITY-3362"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2024-52550",
    "datePublished": "2024-11-13T20:53:00.972Z",
    "dateReserved": "2024-11-12T15:28:28.980Z",
    "dateUpdated": "2024-11-26T14:45:03.205Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-3456

CVE-2024-52553 (GCVE-0-2024-52553)

CVE-2022-46751 (GCVE-0-2022-46751)

CVE-2024-52552 (GCVE-0-2024-52552)

CVE-2024-52551 (GCVE-0-2024-52551)

CVE-2024-52554 (GCVE-0-2024-52554)

CVE-2024-52549 (GCVE-0-2024-52549)

CVE-2024-52550 (GCVE-0-2024-52550)

Tags

Sightings

Nomenclature