Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2019-10343 CVE-2019-10363 CVE-2019-10362 CVE-2019-10345 CVE-2019-10344 |
CWE-ID | CWE-256 CWE-200 CWE-20 CWE-255 CWE-264 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Configuration as Code (Web applications / Modules and components for CMS) |
Vendor | Jenkins |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU21532
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-10343
CWE-ID:
CWE-256 - Unprotected Storage of Credentials
Exploit availability: No
Description
The vulnerability allows a local user to gain access to other users' credentials.
The vulnerability exists because the affected software fails to mask secrets in system log messages. A local authenticated user can view the contents of the configuration file and gain access to passwords for third-party integrations.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Configuration as Code: 0.1 - 1.24
https://www.openwall.com/lists/oss-security/2019/07/31/1
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1279
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21537
Risk: Medium
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-10363
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
Description
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists because the affected software does not reliably detect which values in the exported YAML file need to be treated as sensitive, and therefore exports secret values in plain text. A remote authenticated attacker can gain unauthorized access to sensitive information on the system.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Configuration as Code: 0.1 - 1.24
https://www.openwall.com/lists/oss-security/2019/07/31/1
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1458
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21536
Risk: Medium
CVSSv4.0: 1.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2019-10362
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input when processing YAML files. A remote authenticated attacker with permission to change the Jenkins system configuration can specify crafted descriptions containing variable references and obtain the values of environment variables.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Configuration as Code: 0.1 - 1.24
https://www.openwall.com/lists/oss-security/2019/07/31/1
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1446
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21534
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-10345
CWE-ID:
CWE-255 - Credentials Management
Exploit availability: No
Description
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Configuration as Code: 0.1 - 1.24
https://www.openwall.com/lists/oss-security/2019/07/31/1
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1303
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU21533
Risk: Low
CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-10344
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
Description
The vulnerability allows a remote attacker to escalate privileges on the system.
The vulnerability exists due to missing permission checks in various HTTP endpoints. A remote authenticated attacker with Overall/Read access can access the generated schema and documentation for this plugin, which contain detailed information about installed plugins.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
Configuration as Code: 0.1 - 1.24
https://www.openwall.com/lists/oss-security/2019/07/31/1
https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1290
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.