Missing permission check in Jenkins Docker Plugin

2022-05-2416:50:03

Google

osv.dev

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.2%

JSON

A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier in DockerAPI.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

CPENameOperatorVersion
io.jenkins.docker:docker-plugineq1.1
io.jenkins.docker:docker-plugineq1.1.1
io.jenkins.docker:docker-plugineq1.1.5
io.jenkins.docker:docker-plugineq1.1.6
io.jenkins.docker:docker-plugineq1.1.2
io.jenkins.docker:docker-plugineq1.1.4
io.jenkins.docker:docker-plugineq1.1.3

Name	Operator	Version
io.jenkins.docker:docker-plugin	eq	1.1
io.jenkins.docker:docker-plugin	eq	1.1.1
io.jenkins.docker:docker-plugin	eq	1.1.5
io.jenkins.docker:docker-plugin	eq	1.1.6
io.jenkins.docker:docker-plugin	eq	1.1.2
io.jenkins.docker:docker-plugin	eq	1.1.4
io.jenkins.docker:docker-plugin	eq	1.1.3