Main Vulnerability Database SB2019112206

SB2019112206 - Multiple vulnerabilities in Jenkins Support Core Plugin

Published: November 22, 2019

Security Bulletin ID SB2019112206

Severity

Medium

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Permissions, Privileges, and Access Controls (CVE-ID: CVE-2019-16539)

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to the affected plugin does not perform a permission check. A remote authenticated attacker with Overall/Read permission can delete support bundles and any arbitrary other file, with a known name/path.

2) Path traversal (CVE-ID: CVE-2019-16540)

The vulnerability allows a remote attacker to perform directory traversal attacks.

The vulnerability exists due to the affected plugin does not validate the paths submitted for the "Delete Support Bundles" feature. A remote authenticated attacker can send a specially crafted HTTP request and delete arbitrary files on the Jenkins master file system accessible to the OS user account running Jenkins.

Remediation

Install update from vendor's website.

References

https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1634