CVE-2022-43407

2022-10-1916:15:10

CWE-352

jenkins

web.nvd.nist.gov

cve-2022-43407

jenkins

pipeline

input step plugin

csrf protection

CVSS3

8.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

AI Score

8.5

Confidence

High

EPSS

0.001

Percentile

34.3%

JSON

Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the ‘input’ step, which is used for the URLs that process user interactions for the given ‘input’ step (proceed or abort) and is not correctly encoded, allowing attackers able to configure Pipelines to have Jenkins build URLs from ‘input’ step IDs that would bypass the CSRF protection of any target URL in Jenkins when the ‘input’ step is interacted with.

Affected configurations

Nvd

Node

jenkinspipeline\Match_input_stepjenkins

VendorProductVersionCPE
jenkinspipeline\_input_stepcpe:2.3:a:jenkins:pipeline\:_input_step:*:*:*:*:*:jenkins:*:*

Vendor	Product	Version	CPE
jenkins	pipeline\	_input_step	cpe:2.3:a:jenkins:pipeline\:_input_step::::::jenkins::*

CNA Affected

[
  {
    "product": "Jenkins Pipeline: Input Step Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "status": "unaffected",
        "version": "449.451.v9c3d42f23975"
      },
      {
        "lessThanOrEqual": "451.vf1a_a_4f405289",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]