Описание
Jenkins Self-Organizing Swarm Plug-in Modules Plugin XXE vulnerability via UDP broadcast response
Jenkins Swarm Plugin allows clients to auto-discover Jenkins instances on the same network through a UDP discovery request. Responses to this request are XML documents.
Swarm Plugin does not configure the XML parser in a way that would prevent XML External Entity (XXE) processing. This allows unauthenticated attackers on the same network to have Swarm clients parse a maliciously crafted XML response that uses external entities to read arbitrary files from the Swarm client or denial-of-service attacks.
As of publication of this advisory, there is no fix.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-10309
- https://jenkins.io/security/advisory/2019-04-30/#SECURITY-1252
- https://web.archive.org/web/20200227073756/http://www.securityfocus.com/bid/108159
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0783
- http://www.openwall.com/lists/oss-security/2019/04/30/5
Пакеты
org.jenkins-ci.plugins:swarm
<= 3.15
Отсутствует
Связанные уязвимости
Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients.