Description
Git Plugin connects to a user-specified Git repository as part of form validation. An attacker with no direct access to Jenkins but able to guess at a username/password credentials ID could trick a developer with job configuration permissions into following a link with a maliciously crafted Jenkins URL which would result in the Jenkins Git client sending the username and password to an attacker-controlled server.
The Git Plugin can leak the credentials (username and password) used to access a Git repository if an attacker-supplied URL is passed to the plugin's form validation. To supply that URL, the attacker needs to guess a username/password credentials ID and then trick a developer into following a specifically crafted link.
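The weakness described above is a form-validation endpoint that performs a network connection with stored credentials before checking who asked for it and how. The Java below is an added illustration, not code from the Git Plugin or from Red Hat, of the two shapes such a Jenkins descriptor method can take: a GET-reachable check that uses the request-supplied URL and credentials ID straight away, next to the standard Jenkins hardening of the same check (require POST so a plain link cannot trigger it, and require the configure permission on the item so only an authorised user can cause the credential lookup). The class name, the `connectWithCredentials` stub and the package are hypothetical; `@RequirePOST`, `Item.CONFIGURE`, `Jenkins.ADMINISTER` and `FormValidation` are real Jenkins/Stapler APIs, and `Jenkins.get()` assumes a core version that provides it. Whether this is exactly the change shipped in the fixed plugin is not stated on this page.

```java
package example; // hypothetical package, not the Git Plugin's own

import hudson.model.Item;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

// Hypothetical descriptor showing the weak and the hardened shape of a
// "check repository URL" form-validation method.
public class RepoUrlValidation {

    // Weak shape: reachable by GET and with no permission check, so any request
    // a logged-in user's browser can be made to send (for example by following
    // a crafted link) decides which server receives the named credentials.
    public FormValidation doCheckUrlWeak(@QueryParameter String url,
                                         @QueryParameter String credentialsId) {
        return connectWithCredentials(url, credentialsId);
    }

    // Hardened shape: POST only (a link cannot issue a POST on its own), and the
    // caller must be allowed to configure the item whose credentials would be used.
    @RequirePOST
    public FormValidation doCheckUrl(@AncestorInPath Item item,
                                     @QueryParameter String url,
                                     @QueryParameter String credentialsId) {
        if (item == null) {
            // Validation outside any job context: require administrator rights.
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        } else {
            item.checkPermission(Item.CONFIGURE);
        }
        if (url == null || url.trim().isEmpty()) {
            // Nothing to probe; do not touch the credential store at all.
            return FormValidation.ok();
        }
        return connectWithCredentials(url, credentialsId);
    }

    // Placeholder for the plugin's repository probe (hypothetical; the real
    // plugin resolves the credentials ID and contacts the remote here).
    private FormValidation connectWithCredentials(String url, String credentialsId) {
        return FormValidation.ok();
    }
}
```

The ordering inside `doCheckUrl` is the point: the permission check runs before anything is resolved from the credential store or sent over the network, so an unauthorised request fails with an access-denied response instead of a connection attempt to the supplied host. Requiring POST removes the simple "follow this link" path, but on its own it is not sufficient, which is why both controls are applied.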
Statement
This issue affects the versions of jenkins-plugin-git as shipped with Red Hat OpenShift Enterprise 3. Red Hat Product Security has rated this issue as having Low security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.
Affected packages
| Platform | Package | State | Advisory | Release date |
|---|---|---|---|---|
| Red Hat OpenShift Enterprise 3 | jenkins-plugin-git | Will not fix | | |
| Red Hat OpenShift Container Platform 3.6 | atomic-openshift | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | fluentd | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | jenkins-2-plugins | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | kibana | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | rubygem-cool.io | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | rubygem-excon | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | rubygem-faraday | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | rubygem-fluent-plugin-kubernetes_metadata_filter | Fixed | RHBA-2017:2642 | 08.09.2017 |
| Red Hat OpenShift Container Platform 3.6 | rubygem-fluent-plugin-viaq_data_model | Fixed | RHBA-2017:2642 | 08.09.2017 |
Additional information
CVSS3 score: 3.1 Low
Related vulnerabilities
Cross-Site Request Forgery in Jenkins Git Plugin (CVSS3 score: 3.1 Low)