Lucene search

GitHub Advisory DatabaseGHSA-W2MH-6XJ5-F77F

HistoryJan 13, 2022 - 12:01 a.m.

Incorrect Permission Assignment for Critical Resource in Jenkins Bitbucket Branch Source Plugin

2022-01-1300:01:02

CWE-732

CWE-862

GitHub Advisory Database

github.com

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

22.2%

JSON

Jenkins Bitbucket Branch Source Plugin prior to 746.v350d2781c184, 725.vd9f8be0fa250, 2.9.11.2, and 2.9.7.2 does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins. Those can be used as part of an attack to capture the credentials using another vulnerability.

An enumeration of credentials IDs in Bitbucket Branch Source Plugin 746.v350d2781c184, 725.vd9f8be0fa250, 2.9.11.2, and 2.9.7.2 requires the appropriate permissions.

Affected configurations

Vulners

Node

jenkinsbitbucket_branch_sourceRange<2.9.7.2jenkins

jenkinsbitbucket_branch_sourceRange<2.9.11.2jenkins

jenkinsbitbucket_branch_sourceRange720.vbe985dd73d66≥jenkins

jenkinsbitbucket_branch_sourceRange<725.vd9f8be0fa250jenkins

jenkinsbitbucket_branch_sourceRange726.v7e6f53de133c≥jenkins

jenkinsbitbucket_branch_sourceRange<746.v350d2781c184jenkins

CPENameOperatorVersion
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcelt2.9.7.2
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcelt2.9.11.2
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcege720.vbe985dd73d66
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcelt725.vd9f8be0fa250
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcege726.v7e6f53de133c
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-sourcelt746.v350d2781c184

Name	Operator	Version
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	lt	2.9.7.2
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	lt	2.9.11.2
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	ge	720.vbe985dd73d66
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	lt	725.vd9f8be0fa250
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	ge	726.v7e6f53de133c
org.jenkins-ci.plugins:cloudbees-bitbucket-branch-source	lt	746.v350d2781c184

References

www.openwall.com/lists/oss-security/2022/01/12/6

github.com/advisories/GHSA-w2mh-6xj5-f77f

github.com/CVEProject/cvelist/blob/2d78eb36f4d084db7fb35f1535d8d84fdcb7d859/2022/20xxx/CVE-2022-20618.json

github.com/jenkinsci/bitbucket-branch-source-plugin/commit/467ed6c94af8735c4755d53145a54325ae82d073

nvd.nist.gov/vuln/detail/CVE-2022-20618

www.jenkins.io/security/advisory/2022-01-12/#SECURITY-2033

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

4.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

0.001 Low

EPSS

Percentile

22.2%

JSON

Related for GHSA-W2MH-6XJ5-F77F