Lucene search

GitHub Advisory DatabaseGHSA-VRPG-C7C4-8MPX

HistorySep 06, 2023 - 3:30 p.m.

SSRF vulnerability in Jenkins Bitbucket Push and Pull Request Plugin allows capturing credentials

2023-09-0615:30:26

CWE-918

GitHub Advisory Database

github.com

ssrf

jenkins

bitbucket

push

pull request

plugin

vulnerability

credentials

webhook

payload

attackers

crafted

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Jenkins Bitbucket Push and Pull Request Plugin 2.4.0 through 2.8.3 (both inclusive) trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs, allowing attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload.

Affected configurations

Vulners

Node

jenkinsbitbucket_push_and_pull_requestRange≤2.8.3jenkins

CPENameOperatorVersion
io.jenkins.plugins:bitbucket-push-and-pull-requestle2.8.3

CPE	Name	Operator	Version
	io.jenkins.plugins:bitbucket-push-and-pull-request	le	2.8.3

References

www.openwall.com/lists/oss-security/2023/09/06/9

github.com/advisories/GHSA-vrpg-c7c4-8mpx

nvd.nist.gov/vuln/detail/CVE-2023-41937

www.jenkins.io/security/advisory/2023-09-06/#SECURITY-3165

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

6.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.3%

JSON

Related for GHSA-VRPG-C7C4-8MPX