SB2019073109 - Multiple vulnerabilities in Configuration as Code plugin for Jenkins




Published: July 31, 2019 Updated: October 4, 2019

Security Bulletin ID: SB2019073109
Severity: Medium
Patch available: YES
Number of vulnerabilities: 5
Exploitation vector: Remote access
Highest impact: Information disclosure

Breakdown by Severity

Medium 40% Low 60%

Description

This security bulletin contains information about 5 security vulnerabilities.


1) Unprotected storage of credentials (CVE-ID: CVE-2019-10343)

The vulnerability allows a local user to gain access to other users' credentials.

The vulnerability exists because the affected software fails to mask secrets in system log messages. A local authenticated user can view the contents of the configuration file and gain access to passwords for 3rd party integration.


2) Information disclosure (CVE-ID: CVE-2019-10363)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists because the affected software does not reliably detect which values in the exported YAML file need to be considered sensitive and exports secret values in plain text. A remote authenticated attacker can gain unauthorized access to sensitive information on the system.


3) Input validation error (CVE-ID: CVE-2019-10362)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input when processing YAML files. A remote authenticated attacker with permission to change Jenkins system configuration can specify crafted descriptions containing variable references and obtain the values of environment variables.


4) Credentials management (CVE-ID: CVE-2019-10345)

The vulnerability allows a local user to access sensitive information on a targeted system.

The vulnerability exists because the affected software does not mask the password for logging or encrypt it in the export. A local authenticated user can exploit this vulnerability to obtain passwords on the target system.

5) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-10344)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to missing permission checks in various HTTP endpoints. A remote authenticated attacker with Overall/Read access can access the generated schema and documentation for this plugin containing detailed information about installed plugins.
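
For items 2 and 4 above (secret values written to the export in plain text), a check that can be run on an exported configuration file before it is shared or committed. This is an added example, not code from the plugin or from this bulletin; the key-name heuristic, the treatment of `${...}` references and `{...}` blobs as non-plaintext, and the sample YAML with its key names are assumptions.

```python
import re

# Assumption: key names that usually hold secrets; extend for your plugins.
SENSITIVE_KEY = re.compile(r"(password|passphrase|secret|token|apikey|privatekey)", re.I)
# Assumption: "${VAR}" references and Jenkins-encrypted "{base64}" blobs are not plaintext.
SAFE_VALUE = re.compile(r"^(\$\{[^}]+\}|\{[A-Za-z0-9+/=]+\})$")
LINE = re.compile(r"^(\s*)(-\s+)?([A-Za-z0-9_.-]+):\s*(.*)$")

def find_plaintext_secrets(yaml_text):
    """Return (line_no, dotted_path) for sensitive keys holding plaintext values."""
    findings, stack = [], []  # stack holds (indent, key) of enclosing mappings
    for line_no, raw in enumerate(yaml_text.splitlines(), 1):
        m = LINE.match(raw)
        if not m:  # comments, blank lines, block-scalar content
            continue
        indent = len(m.group(1)) + len(m.group(2) or "")  # "- " counts as indent
        key, value = m.group(3), re.sub(r"\s+#.*$", "", m.group(4)).strip().strip("'\"")
        while stack and stack[-1][0] >= indent:  # leave mappings we have exited
            stack.pop()
        path = ".".join([k for _, k in stack] + [key])
        if not value:  # mapping or sequence header: descend into it
            stack.append((indent, key))
        elif SENSITIVE_KEY.search(key) and not SAFE_VALUE.match(value):
            findings.append((line_no, path))
    return findings

# Constructed sample export (not from a real system); key names are illustrative.
SAMPLE_EXPORT = """\
jenkins:
  securityRealm:
    ldap:
      configurations:
        - managerPasswordSecret: "Winter2019!"
credentials:
  system:
    domainCredentials:
      - credentials:
          - usernamePassword:
              password: "{AQAAABAAAAAQexampleexampleexample=}"
          - string:
              secret: "${CHAT_TOKEN}"
unclassified:
  mailer:
    smtpPassword: hunter2
"""

if __name__ == "__main__":
    for line_no, path in find_plaintext_secrets(SAMPLE_EXPORT):
        print(f"line {line_no}: {path} holds a plaintext value")
```

The scan is line-based and heuristic, so a clean result does not prove the export is free of secrets stored under unrecognised key names.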


Remediation

Install update from vendor's website.