CVE-2022-27201

Опубликовано: 15 мар. 2022

Источник: nvd

CVSS3: 6.5

CVSS2: 4

EPSS Низкий

Описание

Jenkins Semantic Versioning Plugin 1.13 and earlier does not restrict execution of an controller/agent message to agents, and implements no limitations about the file path that can be parsed, allowing attackers able to control agent processes to have Jenkins parse a crafted file that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.

Ссылки

http://www.openwall.com/lists/oss-security/2022/03/15/2
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-2124
Vendor Advisory
http://www.openwall.com/lists/oss-security/2022/03/15/2
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2022-03-15/#SECURITY-2124
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:jenkins:semantic_versioning:*:*:*:*:*:jenkins:*:*

Версия до 1.13 (включая)

Одно из

cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*

Версия до 2.303.2 (включая)

cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*

Версия до 2.318 (включая)

EPSS

Процентиль: 79%

0.01307

Низкий

6.5 Medium

CVSS3

4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-x3m3-g8w6-mf28

CVSS3: 7.1

github

почти 4 года назад

Agent-to-controller security bypass in Jenkins Semantic Versioning Plugin