Jenkins Digital.ai App Management Publisher Plugin missing permission checks

2023-06-1415:30:37

Google

osv.dev

jenkins

digital.ai

app management

publisher plugin

permission checks

http endpoints

overall/read permission

url

credentials ids

csrf vulnerability

0.001 Low

EPSS

Percentile

30.0%

JSON

Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

CPENameOperatorVersion
org.jenkins-ci.plugins:ease-plugineq1.2.7
org.jenkins-ci.plugins:ease-plugineq1.2.8
org.jenkins-ci.plugins:ease-plugineq2.0
org.jenkins-ci.plugins:ease-plugineq1.2.2
org.jenkins-ci.plugins:ease-plugineq1.2.12
org.jenkins-ci.plugins:ease-plugineq2.5
org.jenkins-ci.plugins:ease-plugineq1.2.11
org.jenkins-ci.plugins:ease-plugineq1.2.5
org.jenkins-ci.plugins:ease-plugineq1.2.10
org.jenkins-ci.plugins:ease-plugineq2.2

Name	Operator	Version
org.jenkins-ci.plugins:ease-plugin	eq	1.2.7
org.jenkins-ci.plugins:ease-plugin	eq	1.2.8
org.jenkins-ci.plugins:ease-plugin	eq	2.0
org.jenkins-ci.plugins:ease-plugin	eq	1.2.2
org.jenkins-ci.plugins:ease-plugin	eq	1.2.12
org.jenkins-ci.plugins:ease-plugin	eq	2.5
org.jenkins-ci.plugins:ease-plugin	eq	1.2.11
org.jenkins-ci.plugins:ease-plugin	eq	1.2.5
org.jenkins-ci.plugins:ease-plugin	eq	1.2.10
org.jenkins-ci.plugins:ease-plugin	eq	2.2