Description

Jenkins Build-Publisher Plugin 1.22 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to obtain names and URLs of Jenkins servers that the plugin is configured to publish builds to, as well as builds pending for publication to those Jenkins servers.

Remediation

References

https://www.jenkins.io/security/advisory/2022-09-21/#SECURITY-1994

Related Vulnerabilities

CVE-2019-10428 Vulnerability in maven package org.jenkins-ci.plugins:aqua-security-scanner

CVE-2023-4061 Vulnerability in maven package org.wildfly.core:wildfly-controller

CVE-2023-45135 Vulnerability in maven package org.xwiki.platform:xwiki-platform-flamingo-skin-resources

CVE-2021-31407 Vulnerability in maven package com.vaadin:flow-server

CVE-2021-41303 Vulnerability in maven package org.apache.shiro:shiro-core

Severity

Medium

Classification

CWE-862 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Vendor Advisory