Description

Jenkins before 1.638 and LTS before 1.625.2 uses a publicly accessible salt to generate CSRF protection tokens, which makes it easier for remote attackers to bypass the CSRF protection mechanism via a brute force attack.

Remediation

References

https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-11-11

https://access.redhat.com/errata/RHSA-2016:0070

http://rhn.redhat.com/errata/RHSA-2016-0489.html

Related Vulnerabilities

CVE-2018-1000014 Vulnerability in maven package org.jenkins-ci.plugins:translation

CVE-2020-35200 Vulnerability in maven package org.igniterealtime.openfire.plugins:clientcontrol

CVE-2023-46589 Vulnerability in maven package org.apache.tomcat.embed:tomcat-embed-core

CVE-2023-20883 Vulnerability in maven package org.springframework.boot:spring-boot-autoconfigure

CVE-2018-15758 Vulnerability in maven package org.springframework.security.oauth:spring-security-oauth2

Severity

Critical

Classification

CWE-352

Tags

Vendor Advisory