GitHub Advisory DatabaseGHSA-558X-H7RG-997VIncorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.4%
Jenkins Mailer Plugin prior to 408.vd726a_1130320 and 1.34.2 does not perform a permission check in a method implementing form validation.
This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.
Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.
Mailer Plugin 408.vd726a_1130320 and 1.34.2 requires POST requests and Overall/Administer permission for the affected form validation method.
Affected configurations
References
www.openwall.com/lists/oss-security/2022/01/12/6
github.com/advisories/GHSA-558x-h7rg-997v
github.com/jenkinsci/mailer-plugin/commit/5e6051fae61a43564e22aa89cb24ed8a42a26052
nvd.nist.gov/vuln/detail/CVE-2022-20614
www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2163
www.oracle.com/security-alerts/cpuapr2022.html
Related
4.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:S/C:N/I:P/A:N
0.001 Low
EPSS
Percentile
40.4%