SB2019073110 - Multiple vulnerabilities in Script Security plugin for Jenkins

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-10355)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the sandbox protection can be circumvented by casting crafted objects to other types. A remote authenticated attacker who is able to specify sandboxed scripts can invoke constructors that were not whitelisted and execute arbitrary code on the target system.

2) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-10356)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the sandbox protection can be circumvented through crafted subexpressions used as arguments to method pointer expressions. A remote authenticated attacker who is able to specify sandboxed scripts can execute arbitrary code in the context of the Jenkins master JVM.

Remediation

Install update from vendor's website.

References

• http://www.openwall.com/lists/oss-security/2019/07/31/1
• https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(1)
• https://jenkins.io/security/advisory/2019-07-31/#SECURITY-1465%20(2)