Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.CLOUDBEES-SECURITY-ADVISORY-2022-01-28.NASL
HistoryFeb 03, 2022 - 12:00 a.m.

Jenkins Enterprise and Operations Center < 2.303.30.0.4 / 2.319.2.9 RCE (CloudBees Security Advisory 2022-01-28)

2022-02-0300:00:00
This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
7
JSON

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to 2.303.30.0.4, or 2.x prior to 2.319.2.9. It is, therefore, affected by a remote code execution vulnerability in the Kubernetes Client API. An authenticated, local attacker can exploit this, by entering YAML that would be processed by the Kubernetes Client API.

Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 70300
##
# (C) Tenable, Inc.
##

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(157338);
  script_version("1.4");
  script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/13");

  script_cve_id("CVE-2021-4178");

  script_name(english:"Jenkins Enterprise and Operations Center < 2.303.30.0.4 / 2.319.2.9 RCE (CloudBees Security Advisory 2022-01-28)");

  script_set_attribute(attribute:"synopsis", value:
"A job scheduling and management system hosted on the remote web server is affected by a remote code execution
vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.303.x prior to
2.303.30.0.4, or 2.x prior to 2.319.2.9. It is, therefore, affected by a remote code execution vulnerability in the
Kubernetes Client API. An authenticated, local attacker can exploit this, by entering YAML that would be processed by
the Kubernetes Client API.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
  # https://www.cloudbees.com/security-advisories/cloudbees-security-advisory-2022-01-28
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?377d7ee5");
  script_set_attribute(attribute:"solution", value:
"Upgrade Jenkins Enterprise or Jenkins Operations Center to version 2.303.30.0.4, 2.319.2.9, or later.");
  script_set_attribute(attribute:"agent", value:"all");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:M/C:C/I:C/A:C");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-4178");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");

  script_set_attribute(attribute:"vuln_publication_date", value:"2021/12/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2022/01/28");
  script_set_attribute(attribute:"plugin_publication_date", value:"2022/02/03");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:cloudbees:jenkins");
  script_set_attribute(attribute:"thorough_tests", value:"true");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CGI abuses");

  script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("jenkins_detect.nasl", "jenkins_win_installed.nbin", "jenkins_nix_installed.nbin", "macosx_jenkins_installed.nbin");
  script_require_keys("installed_sw/Jenkins");

  exit(0);
}

include('vcf.inc');
include('vcf_extras.inc');

var app_info = vcf::combined_get_app_info(app:'Jenkins');

var constraints = [
  { 'min_version' : '2.303',  'fixed_version' : '2.303.30.0.4', 'edition' : make_list('Enterprise', 'Operations Center') },
  { 'min_version' : '2',      'fixed_version' : '2.319.2.9',    'edition' : make_list('Enterprise', 'Operations Center'), 'rolling_train' : TRUE },
];

vcf::jenkins::check_version_and_report(
  app_info:app_info,
  constraints:constraints,
  severity:SECURITY_WARNING
);
VendorProductVersionCPE
cloudbeesjenkinscpe:/a:cloudbees:jenkins

Related

osv 2
cve 1
ibm 1
veracode 1
redhatcve 1
prion 1
github 1
redhat 7
oracle 1
osv
osv
CVE-2021-4178
2022-08-24 16:15:09
fabric8 kubernetes-client vulnerable
2022-07-15 05:17:35
cve
cve
CVE-2021-4178
2022-08-24 16:15:00
ibm
ibm
Security Bulletin: IBM Event Streams is vulnerable to arbitrary code execution due to the Fabric8 Kubernetes client (CVE-2021-4178)
2022-07-05 11:14:46
veracode
veracode
Arbitrary Code Execution
2022-07-18 07:12:10
redhatcve
redhatcve
CVE-2021-4178
2022-01-06 17:52:03
prion
prion
Code injection
2022-08-24 16:15:00
github
github
fabric8 kubernetes-client vulnerable
2022-07-15 05:17:35
redhat
redhat
(RHSA-2022:0469) Important: Red Hat AMQ Streams 2.0.1 release and security update
2022-02-08 13:46:22
(RHSA-2022:0467) Important: Red Hat AMQ Streams 1.6.7 release and security update
2022-02-08 12:43:39
(RHSA-2022:8761) Moderate: Red Hat support for Spring Boot 2.7.2 update
2022-12-14 13:14:18
oracle
oracle
Oracle Critical Patch Update Advisory - October 2022
2022-10-18 00:00:00
JSON
Related for CLOUDBEES-SECURITY-ADVISORY-2022-01-28.NASL
osv2cve1ibm1veracode1redhatcve1prion1github1redhat7oracle1