Lucene search

GitHub Advisory DatabaseGHSA-4XMF-344Q-M4CC

HistoryAug 22, 2023 - 12:31 a.m.

Jenkins Fortify Plugin missing permission check

2023-08-2200:31:10

CWE-862

GitHub Advisory Database

github.com

jenkins

fortify plugin

permission checks

http endpoints

csrf vulnerability

post requests

security issue

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

13.3%

JSON

Jenkins Fortify Plugin 22.1.38 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Fortify Plugin 22.2.39 requires POST requests and the appropriate permissions for the affected HTTP endpoints.

Affected configurations

Vulners

Node

org.jenkinsci.plugins\Matchfortify

CPENameOperatorVersion
org.jenkins-ci.plugins:fortifyle22.1.38

CPE	Name	Operator	Version
	org.jenkins-ci.plugins:fortify	le	22.1.38

References

github.com/advisories/GHSA-4xmf-344q-m4cc

github.com/jenkinsci/fortify-plugin/commit/357d7bfbcb0ff796ea7d078bee13159f1d000f5d

nvd.nist.gov/vuln/detail/CVE-2023-4302

www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3115

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0004 Low

EPSS

Percentile

13.3%

JSON

Related for GHSA-4XMF-344Q-M4CC