Описание
Cache confusion in Jenkins Eiffel Broadcaster Plugin
The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential.
Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key. This allows attackers able to create a credential with the same ID as a legitimate one in a different credentials store, to sign an event published to RabbitMQ with the legitimate certificate credentials.
Eiffel Broadcaster Plugin 2.10.3 removes the cache.
Пакеты
com.axis.jenkins.plugins.eiffel:eiffel-broadcaster
>= 2.8.0, < 2.10.3
2.10.3
Связанные уязвимости
Jenkins Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key during signing operations, allowing attackers able to create a credential with the same ID as a legitimate one in a different credentials store to sign an event published to RabbitMQ with the legitimate credentials.