Description
Jenkins versions 2.56 and earlier, as well as 2.46.1 LTS and earlier, are vulnerable to a `login` command that allowed impersonating any Jenkins user. The `login` command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a cache file that was then used to authenticate further commands. Because that token was nothing more than the user name encrypted by Jenkins, any feature that lets a user obtain the encrypted form of a chosen plaintext acts as a forgery oracle: a user with sufficient permission to create secrets in Jenkins and download their encrypted values (e.g. with Job/Configure permission) could store the target user name as a secret, retrieve its encrypted value, and place it in the cache file to impersonate any other Jenkins user on the same instance.
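The flaw described above, modelled as an added example (this is illustrative code written for this page, not Jenkins' own implementation): a server whose CLI cache token is simply the user name encrypted under the instance's master key, alongside a feature that encrypts user-supplied secrets under the same key and hands the ciphertext back. The cipher here is an HMAC-SHA256 counter-mode keystream standing in for the real one, the user accounts and passwords are constructed, and the hardened variant uses a random server-side session token as one way to remove the oracle; none of this describes the actual Jenkins patch.

```python
import hashlib
import hmac
import os
import secrets

NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy counter-mode keystream from HMAC-SHA256; stands in for a real cipher.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(key, nonce, len(plaintext))
    return nonce + bytes(a ^ b for a, b in zip(plaintext, stream))


def decrypt(key: bytes, ciphertext: bytes) -> bytes:
    nonce, body = ciphertext[:NONCE_LEN], ciphertext[NONCE_LEN:]
    stream = _keystream(key, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


class VulnerableServer:
    """Flawed design: one master key encrypts both stored secrets and the CLI cache token."""

    def __init__(self):
        self.master_key = os.urandom(32)
        # Constructed accounts for the example; "dev" is the low-privilege user.
        self.passwords = {"admin": "admin-pw", "dev": "dev-pw"}

    def login(self, user: str, password: str) -> bytes:
        # Returns the token the CLI would write to its cache file.
        if self.passwords.get(user) != password:
            raise PermissionError("bad credentials")
        return encrypt(self.master_key, user.encode())

    def authenticate(self, token: bytes) -> str:
        # Trusts whatever user name the token decrypts to.
        return decrypt(self.master_key, token).decode()

    def store_secret(self, user: str, value: str) -> bytes:
        # Any user with Job/Configure-like permission can store a secret and read
        # back its encrypted value, i.e. an encryption oracle under the master key.
        if user not in self.passwords:
            raise PermissionError("unknown user")
        return encrypt(self.master_key, value.encode())


class HardenedServer(VulnerableServer):
    """Session token is random and bound server-side; encrypting a name yields nothing usable."""

    def __init__(self):
        super().__init__()
        self.sessions = {}

    def login(self, user: str, password: str) -> bytes:
        if self.passwords.get(user) != password:
            raise PermissionError("bad credentials")
        token = secrets.token_bytes(32)
        # Store only a hash so a leaked session table cannot be replayed directly.
        self.sessions[hashlib.sha256(token).digest()] = user
        return token

    def authenticate(self, token: bytes) -> str:
        user = self.sessions.get(hashlib.sha256(token).digest())
        if user is None:
            raise PermissionError("unknown token")
        return user


def impersonate(server: VulnerableServer, low_priv_user: str, target: str) -> str:
    # Forge a cache token for `target` by encrypting the name as a "secret".
    forged_token = server.store_secret(low_priv_user, target)
    return server.authenticate(forged_token)


def forgery_rejected(server: VulnerableServer, low_priv_user: str, target: str) -> bool:
    try:
        impersonate(server, low_priv_user, target)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print("vulnerable:", impersonate(VulnerableServer(), "dev", "admin"))
    print("hardened rejects forgery:", forgery_rejected(HardenedServer(), "dev", "admin"))
```

The point is not the cipher but the coupling: an authentication token that is a deterministic function of a name and a key is only as secret as every other use of that key, so any feature exposing encrypt(key, chosen plaintext) to a lower-privileged user becomes a login bypass.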
Remediation
Upgrade to Jenkins 2.57 or later, or to 2.46.2 LTS or later, the releases that follow the affected ranges above and contain the fix.
References
Related Vulnerabilities
WordPress Plugin WooCommerce Upload My File Cross-Site Request Forgery (0.3.9)
WordPress Plugin Clone Cross-Site Scripting (2.1.1)
Ruby Improper Input Validation Vulnerability (CVE-2011-4815)
WordPress Plugin Count per Day Search Bar Cross-Site Scripting (3.2.2)
WordPress Plugin Fast Secure Contact Form Remote Code Execution (4.0.44)