Multiple vulnerabilities in Jenkins JIRA Pipeline Steps plugin
| Risk | Low |
| Patch available | NO |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2023-24437 CVE-2023-24438 CVE-2023-24439 CVE-2023-24440 |
| CWE-ID | CWE-352 CWE-284 CWE-312 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
JIRA Pipeline Steps Web applications / Modules and components for CMS |
| Vendor | Jenkins |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Cross-site request forgery
EUVDB-ID: #VU71543
Risk: Low
CVSSv3.1: 5.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-24437
CWE-ID:
CWE-352 - Cross-Site Request Forgery (CSRF)
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform cross-site request forgery attacks.
The vulnerability exists due to insufficient validation of the HTTP request origin. A remote attacker can trick the victim to visit a specially crafted web page and perform arbitrary actions on behalf of the victim on the vulnerable website.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsJIRA Pipeline Steps: 2.0.165.v8846cf59f3db
External linkshttp://jenkins.io/security/advisory/2023-01-24/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper access control
EUVDB-ID: #VU71544
Risk: Low
CVSSv3.1: 3.9 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-24438
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in methods implementing form validation. A remote user can connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsJIRA Pipeline Steps: 2.0.165.v8846cf59f3db
External linkshttp://jenkins.io/security/advisory/2023-01-24/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) Cleartext storage of sensitive information
EUVDB-ID: #VU71545
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-24439
CWE-ID:
CWE-312 - Cleartext Storage of Sensitive Information
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to the affected plugin stores the private key unencrypted in its global configuration file org.thoughtslive.jenkins.plugins.jira.JiraStepsConfig.xml on the Jenkins controller as part of its configuration. A local user can gain access to this key.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsJIRA Pipeline Steps: 2.0.165.v8846cf59f3db
External linkshttp://jenkins.io/security/advisory/2023-01-24/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Improper access control
EUVDB-ID: #VU71546
Risk: Low
CVSSv3.1: 3.1 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:U/RC:C]
CVE-ID: CVE-2023-24440
CWE-ID:
CWE-284 - Improper Access Control
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to the global configuration form does not mask the API key. A local user can observe and capture it.
MitigationCybersecurity Help is currently unaware of any official solution to address this vulnerability.
Vulnerable software versionsJIRA Pipeline Steps: 2.0.165.v8846cf59f3db
External linkshttp://jenkins.io/security/advisory/2023-01-24/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
