CSRF vulnerability and mM

2022-09-2200:00:28

Google

osv.dev

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.001 Low

EPSS

Percentile

29.0%

JSON

Worksoft Execution Manager Plugin 10.0.3.503 and earlier does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

CPENameOperatorVersion
org.jenkins-ci.plugins:ws-execution-managereq10.0.0.7
org.jenkins-ci.plugins:ws-execution-managereq10.0.3.503
org.jenkins-ci.plugins:ws-execution-managereq10.0.2.27
org.jenkins-ci.plugins:ws-execution-managereq10.0.1.19

Name	Operator	Version
org.jenkins-ci.plugins:ws-execution-manager	eq	10.0.0.7
org.jenkins-ci.plugins:ws-execution-manager	eq	10.0.3.503
org.jenkins-ci.plugins:ws-execution-manager	eq	10.0.2.27
org.jenkins-ci.plugins:ws-execution-manager	eq	10.0.1.19