Description

In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.

Remediation

References

http://www.openwall.com/lists/oss-security/2023/09/20/5

https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3073

Related Vulnerabilities

CVE-2014-6071 Vulnerability in maven package org.webjars.bower:jquery

CVE-2021-28918 Vulnerability in npm package netmask

CVE-2023-49293 Vulnerability in npm package vite

CVE-2021-23926 Vulnerability in maven package org.apache.xmlbeans:xmlbeans

CVE-2019-0205 Vulnerability in maven package org.apache.thrift:libthrift

Severity

Critical

Classification

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Tags

Mailing List Third Party Advisory Vendor Advisory NVD-CWE-noinfo