Description

The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name.

Remediation

References

http://rhn.redhat.com/errata/RHSA-2015-1844.html

https://access.redhat.com/errata/RHSA-2016:0070

https://bugzilla.redhat.com/show_bug.cgi?id=1205627

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27

Related Vulnerabilities

CVE-2023-48796 Vulnerability in maven package org.apache.dolphinscheduler:dolphinscheduler-alert-server

CVE-2019-10328 Vulnerability in maven package org.jenkins-ci.plugins:workflow-remote-loader

CVE-2020-9480 Vulnerability in maven package org.apache.spark:spark-network-shuffle_2.11

CVE-2019-10411 Vulnerability in maven package com.inedo.buildmaster:inedo-buildmaster

CVE-2021-30179 Vulnerability in maven package org.apache.dubbo:dubbo

Severity

Critical

Classification

CWE-264

Tags

Vendor Advisory