GitHub Advisory DatabaseGHSA-XHW3-WMX2-76WFBuffer overflow in Jenkins WMI Windows Agents plugin
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.2%
WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library. It provides a general-purpose remote command execution capability that Jenkins uses to check if Java is available, and if not, to install it.
This library has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine.
Additionally, while the processes are started as the user who connects to the named pipe, no access control takes place, potentially allowing users to start processes even if theyβre not allowed to log in.
WMI Windows Agents Plugin 1.8.1 no longer includes the Windows Remote Command library. A Java runtime is expected to be available on agent machines and WMI Windows Agents Plugin 1.8.1 does not install a JDK automatically otherwise.
Affected configurations
| CPE | Name | Operator | Version |
|---|---|---|---|
| org.jenkins-ci.plugins:windows-slaves | lt | 1.8.1 |
Related
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.2%