Lucene search

GitHub Advisory DatabaseGHSA-JWR6-75XH-JH5J

HistoryFeb 15, 2023 - 9:30 p.m.

Synopsys Jenkins Coverity Plugin has Incorrect Default Permissions

2023-02-1521:30:30

CWE-276

GitHub Advisory Database

github.com

synopsys

jenkins

coverity

plugin

permissions

http

attack

vulnerability

credentials

enumeration

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

21.0%

JSON

Synopsys Coverity Plugin 3.0.2 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability.

An enumeration of credentials IDs in Synopsys Coverity Plugin 3.0.3 requires the appropriate permissions.

Affected configurations

Vulners

Node

synopsyscoverityRange<3.0.3

CPENameOperatorVersion
org.jenkins-ci.plugins:synopsys-coveritylt3.0.3

CPE	Name	Operator	Version
	org.jenkins-ci.plugins:synopsys-coverity	lt	3.0.3

References

community.synopsys.com/s/article/SIG-Product-Security-Advisory-Multiple-CVEs-affecting-Coverity-Jenkins-Plugin

github.com/advisories/GHSA-jwr6-75xh-jh5j

nvd.nist.gov/vuln/detail/CVE-2023-23850

www.jenkins.io/security/advisory/2023-02-15/#SECURITY-2793%20(1)

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

21.0%

JSON

Related for GHSA-JWR6-75XH-JH5J