Lucene search

GitHub Advisory DatabaseGHSA-WVGR-5WGR-C6FJ

HistoryJul 12, 2023 - 6:30 p.m.

Jenkins mabl Plugin vulnerable to cross-site request forgery

2023-07-1218:30:38

CWE-352

GitHub Advisory Database

github.com

jenkins

mabl plugin

csrf

vulnerability

fixed

version 0.0.47

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

17.4%

JSON

Jenkins mabl Plugin 0.0.46 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

mabl Plugin 0.0.47 requires POST requests and the appropriate permissions for the affected HTTP endpoints.

Affected configurations

Vulners

Node

com.mabl.integration.jenkins\mablMatchintegration

CPENameOperatorVersion
com.mabl.integration.jenkins:mabl-integrationlt0.0.47

CPE	Name	Operator	Version
	com.mabl.integration.jenkins:mabl-integration	lt	0.0.47

References

www.openwall.com/lists/oss-security/2023/07/12/2

github.com/advisories/GHSA-wvgr-5wgr-c6fj

nvd.nist.gov/vuln/detail/CVE-2023-37952

www.jenkins.io/security/advisory/2023-07-12/#SECURITY-3127

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

0.0005 Low

EPSS

Percentile

17.4%

JSON

Related for GHSA-WVGR-5WGR-C6FJ