CVE-2022-43416

2022-10-1916:15:11

[email protected]

web.nvd.nist.gov

cve-2022-43416

jenkins katalon plugin

remote code execution

os command injection

security vulnerability

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

8.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

42.9%

JSON

Jenkins Katalon Plugin 1.0.32 and earlier implements an agent/controller message that does not limit where it can be executed and allows invoking Katalon with configurable arguments, allowing attackers able to control agent processes to invoke Katalon on the Jenkins controller with attacker-controlled version, install location, and arguments, and attackers additionally able to create files on the Jenkins controller (e.g., attackers with Item/Configure permission could archive artifacts) to invoke arbitrary OS commands.

Affected configurations

NVD

Node

jenkinskatalonRange<1.0.33jenkins

AND

jenkinsjenkinsRange≤2.303.2lts

jenkinsjenkinsRange≤2.318-

CPENameOperatorVersion
jenkins:katalonjenkins katalonlt1.0.33

CPE	Name	Operator	Version
jenkins:katalon	jenkins katalon	lt	1.0.33

CNA Affected

[
  {
    "product": "Jenkins Katalon Plugin",
    "vendor": "Jenkins project",
    "versions": [
      {
        "lessThanOrEqual": "1.0.32",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]