GHSA-74x9-fhc2-p79f

Suggest an improvement
Source
https://github.com/advisories/GHSA-74x9-fhc2-p79f
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/09/GHSA-74x9-fhc2-p79f/GHSA-74x9-fhc2-p79f.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-74x9-fhc2-p79f
Aliases
Published
2022-09-22T00:00:26Z
Modified
2023-11-01T05:00:00.126823Z
Severity
  • 5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
Missing permission checks in Jenkins CONS3RT Plugin allow capturing credentials
Details

CONS3RT Plugin 1.0.0 and earlier does not perform permission checks in methods implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, these form validation methods do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Database specific
{
    "nvd_published_at": "2022-09-21T16:15:00Z",
    "github_reviewed_at": "2022-12-06T00:41:57Z",
    "severity": "MODERATE",
    "github_reviewed": true,
    "cwe_ids": [
        "CWE-862"
    ]
}
References

Affected packages

Maven / org.jenkins-ci.plugins:cons3rt

Package

Name
org.jenkins-ci.plugins:cons3rt
View open source insights on deps.dev
Purl
pkg:maven/org.jenkins-ci.plugins/cons3rt

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
1.0.0