Description
Jenkins Config Rotator Plugin vulnerable to path traversal
Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system. Currently there is no known workaround and no fix available.
Packages
Name: org.jenkins-ci.main:config-rotator (maven)
Affected versions: <= 2.0.1
Fixed version: None
Related vulnerabilities
CVSS3: 7.5
nvd
about 3 years ago
Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system.