Description
In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using MultipartFormDataParser creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.
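As an added illustration, not code from Jenkins or Stapler, the weak temporary-file pattern the description refers to beside a hardened one, with a check a practitioner can run against any temp file. The class name and the private upload directory are assumptions, and the permission handling requires a POSIX file system.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

// Added illustration, not Jenkins or Stapler code. Requires a POSIX file system.
public class UploadTempFileDemo {

    private static final Set<PosixFilePermission> OWNER_ONLY =
            PosixFilePermissions.fromString("rw-------");

    // Weak pattern: java.io.File.createTempFile places the file in the shared
    // java.io.tmpdir directory and opens it with mode 0666 masked by the process
    // umask, so the resulting mode depends on the environment, not on the code.
    static Path createWeakTempFile() throws IOException {
        return File.createTempFile("upload", ".tmp").toPath();
    }

    // Hardened pattern: keep uploads under a directory only the service account
    // can traverse (privateDir is an assumed location, e.g. a subdirectory of the
    // application's own state directory) and request owner-only permissions
    // atomically at creation time rather than chmod-ing afterwards.
    static Path createHardenedTempFile(Path privateDir) throws IOException {
        FileAttribute<Set<PosixFilePermission>> dirAttr =
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"));
        FileAttribute<Set<PosixFilePermission>> fileAttr =
                PosixFilePermissions.asFileAttribute(OWNER_ONLY);
        Files.createDirectories(privateDir, dirAttr); // no-op if it already exists
        return Files.createTempFile(privateDir, "upload", ".tmp", fileAttr);
    }

    // Check: does the file carry owner-only permissions?
    static boolean isOwnerOnly(Path p) throws IOException {
        return OWNER_ONLY.equals(Files.getPosixFilePermissions(p));
    }

    public static void main(String[] args) throws IOException {
        Path weak = createWeakTempFile();
        Path strong = createHardenedTempFile(Path.of(System.getProperty("user.home"), "app-uploads"));
        try {
            System.out.println(weak + " owner-only: " + isOwnerOnly(weak) + " ("
                    + PosixFilePermissions.toString(Files.getPosixFilePermissions(weak)) + ")");
            System.out.println(strong + " owner-only: " + isOwnerOnly(strong));
        } finally {
            Files.deleteIfExists(weak);
            Files.deleteIfExists(strong);
        }
    }
}
```

Running it with a permissive umask (for example 022) shows the weak file created group- and world-readable, while the hardened file is always rw------- inside a rwx------ directory.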
Remediation
References
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3073
http://www.openwall.com/lists/oss-security/2023/09/20/5