SB2018090506 - Multiple vulnerabilities in Jenkins

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2018090506

SB2018090506 - Multiple vulnerabilities in Jenkins

Published: September 5, 2018

Security Bulletin ID SB2018090506
Severity
Low
Patch available
YES
Number of vulnerabilities 6
Exploitation vector Remote access
Highest impact Data manipulation

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 6 secuirty vulnerabilities.


1) Deserialization on untrusted data (CVE-ID: CVE-2018-1999042)

The vulnerability allows a remote attacker to obtain potentially sensitive information.

The vulnerability exists in XStream2.java due to deserializing of an instance of java.net.URL. A remote attacker can supply malicious input and and have Jenkins resolve a domain name.


2) Denial of service (CVE-ID: CVE-2018-1999043)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to an error in BasicAuthenticationFilter.java, BasicHeaderApiTokenAuthenticator.java. A remote attacker can attempt to log in using invalid credentials, create ephemeral in-memory user records and cause the service to crash.


3) Infinite loop (CVE-ID: CVE-2018-1999044)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The vulnerability exists due to an infinite loop in CronTab.java. A remote attacker can have a request handling thread, trigger infinite loop and cause the service to crash.


4) Improper authentication (CVE-ID: CVE-2018-1999045)

The vulnerability allows a remote attacker to bypass authentication on the target system.

The vulnerability exists due to improper authentication in SecurityRealm.java, TokenBasedRememberMeServices2.java. A remote attacker with a valid cookie can remain logged in even if that feature is disabled.


5) Information disclosure (CVE-ID: CVE-2018-1999046)

The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The vulnerability exists due to an error in Computer.java. A remote attacker with Overall/Read permission can access the connection log for any agent.


6) Improper authorization (CVE-ID: CVE-2018-1999047)

The vulnerability allows a remote attacker to bypass authorization on the target system.

The vulnerability exists due to improper authorization in UpdateCenter.java. A remote attacker can cancel a Jenkins restart scheduled through the update center.


Remediation

Install update from vendor's website.

References