GHSA-wcrg-92wp-4h28

Source

https://github.com/advisories/GHSA-wcrg-92wp-4h28

Import Source

https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-wcrg-92wp-4h28/GHSA-wcrg-92wp-4h28.json

JSON Data

https://api.osv.dev/v1/vulns/GHSA-wcrg-92wp-4h28

Aliases

CVE-2020-2298

Published

2022-05-24T17:30:19Z

Modified

2024-02-16T08:00:56.136489Z

Severity

6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

XXE vulnerability in Jenkins Nerrvana Plugin

Details

Jenkins Nerrvana Plugin 1.02.06 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

This allows attackers with Overall/Read permission to have Jenkins parse a crafted HTTP request with XML data that uses external entities for extraction of secrets from the Jenkins controller or server-side request forgery.

Additionally, XML parsing is exposed as a form validation endpoint that does not require POST requests, allowing exploitation by users without Overall/Read permission via CSRF.

Database specific

{
    "nvd_published_at": "2020-10-08T13:15:00Z",
    "cwe_ids": [
        "CWE-611"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2022-12-21T18:52:12Z"
}

References

Affected packages

Maven / org.jenkins-ci.plugins:nerrvana-plugin

Package

Name: org.jenkins-ci.plugins:nerrvana-plugin; View open source insights on deps.dev
Purl: pkg:maven/org.jenkins-ci.plugins/nerrvana-plugin

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Last affected

1.02.06

Affected versions

1.*

1.02r

1.02.01

1.02.06