GitHub Advisory Database: GHSA-97MG-9JHF-R7RM
History: Aug 16, 2023 - 3:30 p.m.

Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin vulnerable to exposure of system-scoped credentials

2023-08-16 15:30:18
CWE-522
GitHub Advisory Database
github.com
Tags: jenkins, maven, artifact, choicelistprovider, nexus, plugin, vulnerability, credentials, exposure, system-scoped, global, configuration, permission, advisory

CVSS3: 6.5 Medium

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS: 0.0005 Low
Percentile: 18.1%

Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing the use of System-scoped credentials otherwise reserved for the global configuration.

This allows attackers with Item/Configure permission to access and capture credentials they are not entitled to.

As of publication of this advisory, there is no fix.
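
The lookup-context issue described above, shown as an added illustration using the Jenkins Credentials Plugin API; this is not code from the affected plugin. The class name, method names and the choice of `StandardUsernamePasswordCredentials` are assumptions made for the example.

```java
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import hudson.model.Item;
import hudson.security.ACL;
import jenkins.model.Jenkins;
import java.util.Collections;

// Hypothetical helper class, written for this example only.
public final class CredentialsLookupExample {

    // Weak pattern: the lookup context is the Jenkins root object.
    // With the root as context, the credentials API also returns
    // System-scoped credentials, so an ID typed into a job
    // configuration can resolve to a credential meant only for
    // the global configuration.
    static StandardUsernamePasswordCredentials lookupWithRootContext(String credentialsId) {
        return CredentialsMatchers.firstOrNull(
                CredentialsProvider.lookupCredentials(
                        StandardUsernamePasswordCredentials.class,
                        Jenkins.get(),                      // root context
                        ACL.SYSTEM,
                        Collections.<DomainRequirement>emptyList()),
                CredentialsMatchers.withId(credentialsId));
    }

    // Corrected pattern: the lookup context is the job being configured.
    // With an Item as context, System-scoped credentials are not
    // returned; only credentials available to that item are candidates.
    static StandardUsernamePasswordCredentials lookupWithItemContext(String credentialsId, Item item) {
        return CredentialsMatchers.firstOrNull(
                CredentialsProvider.lookupCredentials(
                        StandardUsernamePasswordCredentials.class,
                        item,                               // item context
                        ACL.SYSTEM,
                        Collections.<DomainRequirement>emptyList()),
                CredentialsMatchers.withId(credentialsId));
    }

    private CredentialsLookupExample() {}
}
```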

Affected configurations

Vulners node: jenkins maven_artifact_choicelistprovider_\(nexus\), Range 1.14, jenkins
