GHSA-74x9-fhc2-p79f

Source

https://github.com/advisories/GHSA-74x9-fhc2-p79f

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-74x9-fhc2-p79f/GHSA-74x9-fhc2-p79f.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-74x9-fhc2-p79f

Aliases

CVE-2022-41254

Published

2022-09-22T00:00:26Z

Modified

2023-11-08T04:10:29.249284Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator

Summary

Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials

Details

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these form validation methods do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Database specific

{
    "nvd_published_at": "2022-09-21T16:15:00Z",
    "severity": "MODERATE",
    "github_reviewed_at": "2022-12-06T00:41:57Z",
    "cwe_ids": [
        "CWE-862"
    ],
    "github_reviewed": true
}

References

Affected packages

Maven / org.jenkins-ci.plugins:cons3rt

Package

Name: org.jenkins-ci.plugins:cons3rt; View open source insights on deps.dev
Purl: pkg:maven/org.jenkins-ci.plugins/cons3rt

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.0.0

Affected versions

1.*

1.0.0

Database specific

source

"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-74x9-fhc2-p79f/GHSA-74x9-fhc2-p79f.json"