CVE-2023-43497

2023-09-2017:15:11

Google

osv.dev

jenkins

lts

vulnerability

file uploads

stapler web framework

temporary files

system temporary directory

permissions

attackers

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

7 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

19.4%

JSON

In Jenkins 2.423 and earlier, LTS 2.414.1 and earlier, processing file uploads using the Stapler web framework creates temporary files in the default system temporary directory with the default permissions for newly created files, potentially allowing attackers with access to the Jenkins controller file system to read and write the files before they are used.

CPENameOperatorVersion
jenkinseqjenkins-2.346
jenkinseqjenkins-1.582
jenkinseqchanges/294
jenkinseqjenkins-1.636
jenkinseqjenkins-1.613
jenkinseqjenkins-2.184
jenkinseqjenkins-2.115
jenkinseqbuilds/98
jenkinseqjenkins-2.325
jenkinseqjenkins-1.469

Name	Operator	Version
jenkins	eq	jenkins-2.346
jenkins	eq	jenkins-1.582
jenkins	eq	changes/294
jenkins	eq	jenkins-1.636
jenkins	eq	jenkins-1.613
jenkins	eq	jenkins-2.184
jenkins	eq	jenkins-2.115
jenkins	eq	builds/98
jenkins	eq	jenkins-2.325
jenkins	eq	jenkins-1.469