Jenkins Email Extension Plugin missing permission check

2023-05-1618:30:16

Google

osv.dev

jenkins

email extension plugin

permission check

security

form validation

file system

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.0005 Low

EPSS

Percentile

17.3%

JSON

Jenkins Email Extension Plugin 2.96 and earlier does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.

This form validation method requires the appropriate permission in Email Extension Plugin 2.96.1.

CPENameOperatorVersion
org.jenkins-ci.plugins:email-exteq2.37.1
org.jenkins-ci.plugins:email-exteq2.54
org.jenkins-ci.plugins:email-exteq2.28
org.jenkins-ci.plugins:email-exteq2.69.1
org.jenkins-ci.plugins:email-exteq2.82
org.jenkins-ci.plugins:email-exteq2.13
org.jenkins-ci.plugins:email-exteq2.40
org.jenkins-ci.plugins:email-exteq2.79
org.jenkins-ci.plugins:email-exteq2.25
org.jenkins-ci.plugins:email-exteq2.40.2

Name	Operator	Version
org.jenkins-ci.plugins:email-ext	eq	2.37.1
org.jenkins-ci.plugins:email-ext	eq	2.54
org.jenkins-ci.plugins:email-ext	eq	2.28
org.jenkins-ci.plugins:email-ext	eq	2.69.1
org.jenkins-ci.plugins:email-ext	eq	2.82
org.jenkins-ci.plugins:email-ext	eq	2.13
org.jenkins-ci.plugins:email-ext	eq	2.40
org.jenkins-ci.plugins:email-ext	eq	2.79
org.jenkins-ci.plugins:email-ext	eq	2.25
org.jenkins-ci.plugins:email-ext	eq	2.40.2