Permissions, Privileges, and Access Controls in Jenkins and Jenkins LTS

#VU49529 Permissions, Privileges, and Access Controls in Jenkins and Jenkins LTS

Published: 2021-01-13 | Updated: 2021-01-14

Vulnerability identifier: #VU49529

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2021-21606

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Jenkins
Server applications / Application servers
Jenkins LTS
Server applications / Application servers

Vendor: Jenkins

Description

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to arbitrary file existence check in file fingerprints. A remote authenticated attacker can check for the existence of XML files on the controller file system where the relative path can be constructed as 32 characters.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Jenkins: 2.0 - 240

Jenkins LTS: 2.7.1 - 2.263.1

External links
http://www.jenkins.io/security/advisory/2021-01-13/#SECURITY-2023

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in OpenShift Container Platform

Arch Linux update for jenkins

Permissions, Privileges, and Access Controls in jenkins (Alpine package)

Multiple vulnerabilities in Jenkins and Jenkins LTS