GHSA-ghpm-mgf5-cv8q

Опубликовано: 16 мая 2023

Источник: github

Github: Прошло ревью

CVSS3: 4.3

Описание

Jenkins SAML Single Sign On(SSO) Plugin Cross-Site Request Forgery vulnerability

Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier does not perform a permission check in an HTTP endpoint.

This allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange’s API for sending emails.

Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

SAML Single Sign On(SSO) Plugin 2.0.1 removes the affected HTTP endpoint.

Ссылки

Пакеты

Наименование

io.jenkins.plugins:miniorange-saml-sp

maven

Затронутые версииВерсия исправления

< 2.0.1

2.0.1

EPSS

Процентиль: 44%

0.00215

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2023-32995

Дефекты

CWE-352

Связанные уязвимости

CVE-2023-32995

CVSS3: 8.8

nvd

больше 2 лет назад

A cross-site request forgery (CSRF) vulnerability in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

EPSS

Процентиль: 44%

0.00215

Низкий

4.3 Medium

CVSS3

CVE ID

CVE-2023-32995

Дефекты

CWE-352