CVE-2017-1000095

Опубликовано: 10 июл. 2017

Источник: redhat

CVSS3: 8.8

EPSS Низкий

Описание

The default whitelist included the following unsafe entries: DefaultGroovyMethods.putAt(Object, String, Object); DefaultGroovyMethods.getAt(Object, String). These allowed circumventing many of the access restrictions implemented in the script sandbox by using e.g. currentBuild['rawBuild'] rather than currentBuild.rawBuild. Additionally, the following entries allowed accessing private data that would not be accessible otherwise due to script security: groovy.json.JsonOutput.toJson(Closure); groovy.json.JsonOutput.toJson(Object).

The jenkins-plugin-script-security improperly whitelisted "DefaultGroovyMethods.putAt(Object, String, Object)" and "DefaultGroovyMethods.getAt(Object, String)" which allows attackers to bypass many restrictions and potentially trigger builds or access data they should not have access to. Exploitation of this requires the attacker to have access to the Jenkins instance, and for that Jenkins instance to be hosting other projects as well that the attacker should not have access to.

Отчет

This issue affects the versions of jenkins-plugin-script-security as shipped with OpenShift Enterprise 3. However, this flaw is of low impact under the supported scenarios in OpenShift Enterprise 3. A future update may address this issue.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat OpenShift Container Platform 3.5	jenkins-plugin-script-security	Will not fix
Red Hat OpenShift Container Platform 3.6	jenkins-plugin-script-security	Fixed	RHEA-2017:1716	10.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Important

Дефект:

CWE-184

https://bugzilla.redhat.com/show_bug.cgi?id=1471060jenkins-plugin-script-security: Unsafe methods in the default whitelist (SECURITY-538)

EPSS

Процентиль: 21%

0.00066

Низкий

8.8 High

CVSS3

Связанные уязвимости

CVE-2017-1000095

CVSS3: 6.5

nvd

больше 8 лет назад

GHSA-m68x-cc2f-gr5h