Vulnerability-Lookup

CVE-2023-39153 (GCVE-0-2023-39153)

Vulnerability from cvelistv5 – Published: 2023-07-26 13:54 – Updated: 2024-10-23 14:47

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account.

Severity

No CVSS data available.

Assigner

jenkins

References

2 references

URL	Tags
https://www.jenkins.io/security/advisory/2023-07-…	vendor-advisory
http://www.openwall.com/lists/oss-security/2023/07/26/2

Impacted products

1 product

Vendor	Product	Version
Jenkins Project	Jenkins GitLab Authentication Plugin	Affected: 0 , ≤ 1.17.1 (maven)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T18:02:06.659Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Jenkins Security Advisory 2023-07-26",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-39153",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T14:46:56.658110Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-23T14:47:07.364Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Jenkins GitLab Authentication Plugin",
          "vendor": "Jenkins Project",
          "versions": [
            {
              "lessThanOrEqual": "1.17.1",
              "status": "affected",
              "version": "0",
              "versionType": "maven"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-10-24T12:51:14.694Z",
        "orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
        "shortName": "jenkins"
      },
      "references": [
        {
          "name": "Jenkins Security Advisory 2023-07-26",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b",
    "assignerShortName": "jenkins",
    "cveId": "CVE-2023-39153",
    "datePublished": "2023-07-26T13:54:53.558Z",
    "dateReserved": "2023-07-25T11:16:13.336Z",
    "dateUpdated": "2024-10-23T14:47:07.364Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2023-39153",
      "date": "2026-05-27",
      "epss": "0.00109",
      "percentile": "0.28774"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:jenkins:gitlab_authentication:*:*:*:*:*:jenkins:*:*\", \"versionEndIncluding\": \"1.17.1\", \"matchCriteriaId\": \"445FAC6B-BFBE-4339-89A0-A15219DACC0A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account.\"}]",
      "id": "CVE-2023-39153",
      "lastModified": "2024-11-21T08:14:48.727",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\", \"baseScore\": 5.4, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.5}]}",
      "published": "2023-07-26T14:15:10.597",
      "references": "[{\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/26/2\", \"source\": \"jenkinsci-cert@googlegroups.com\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\", \"source\": \"jenkinsci-cert@googlegroups.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/26/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]",
      "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-352\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-39153\",\"sourceIdentifier\":\"jenkinsci-cert@googlegroups.com\",\"published\":\"2023-07-26T14:15:10.597\",\"lastModified\":\"2024-11-21T08:14:48.727\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-352\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:jenkins:gitlab_authentication:*:*:*:*:*:jenkins:*:*\",\"versionEndIncluding\":\"1.17.1\",\"matchCriteriaId\":\"445FAC6B-BFBE-4339-89A0-A15219DACC0A\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2023/07/26/2\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\",\"source\":\"jenkinsci-cert@googlegroups.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2023/07/26/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\", \"name\": \"Jenkins Security Advisory 2023-07-26\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/26/2\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T18:02:06.659Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-39153\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-23T14:46:56.658110Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-23T14:47:00.813Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"Jenkins Project\", \"product\": \"Jenkins GitLab Authentication Plugin\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"versionType\": \"maven\", \"lessThanOrEqual\": \"1.17.1\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696\", \"name\": \"Jenkins Security Advisory 2023-07-26\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2023/07/26/2\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account.\"}], \"providerMetadata\": {\"orgId\": \"39769cd5-e6e2-4dc8-927e-97b3aa056f5b\", \"shortName\": \"jenkins\", \"dateUpdated\": \"2023-10-24T12:51:14.694Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-39153\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-23T14:47:07.364Z\", \"dateReserved\": \"2023-07-25T11:16:13.336Z\", \"assignerOrgId\": \"39769cd5-e6e2-4dc8-927e-97b3aa056f5b\", \"datePublished\": \"2023-07-26T13:54:53.558Z\", \"assignerShortName\": \"jenkins\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2023-39153

Vulnerability from fkie_nvd - Published: 2023-07-26 14:15 - Updated: 2024-11-21 08:14

Severity

5.4 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Summary

A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account.

References

URL	Tags
jenkinsci-cert@googlegroups.com	http://www.openwall.com/lists/oss-security/2023/07/26/2	Mailing List, Third Party Advisory
jenkinsci-cert@googlegroups.com	https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2023/07/26/2	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696	Vendor Advisory

Impacted products

	Vendor	Product	Version
	jenkins	gitlab_authentication	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:jenkins:gitlab_authentication:*:*:*:*:*:jenkins:*:*",
              "matchCriteriaId": "445FAC6B-BFBE-4339-89A0-A15219DACC0A",
              "versionEndIncluding": "1.17.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account."
    }
  ],
  "id": "CVE-2023-39153",
  "lastModified": "2024-11-21T08:14:48.727",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.4,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.5,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2023-07-26T14:15:10.597",
  "references": [
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
    },
    {
      "source": "jenkinsci-cert@googlegroups.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
    }
  ],
  "sourceIdentifier": "jenkinsci-cert@googlegroups.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-352"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-CG6R-GQVC-R396

Vulnerability from github – Published: 2023-07-26 15:30 – Updated: 2023-07-31 19:00

Summary

CSRF vulnerability in GitLab Authentication Plugin

Details

GitLab Authentication Plugin 1.17.1 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request.

This vulnerability allows attackers to trick users into logging in to the attacker’s account.

GitLab Authentication Plugin 1.18 implements a state parameter in its OAuth flow.

Severity

5.4 (Medium)


                  
                    CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:gitlab-oauth"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.18"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-39153"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-26T22:36:39Z",
    "nvd_published_at": "2023-07-26T14:15:10Z",
    "severity": "MODERATE"
  },
  "details": "GitLab Authentication Plugin 1.17.1 and earlier does not implement a state parameter in its OAuth flow, a unique and non-guessable value associated with each authentication request.\n\nThis vulnerability allows attackers to trick users into logging in to the attacker\u2019s account.\n\nGitLab Authentication Plugin 1.18 implements a state parameter in its OAuth flow.\n",
  "id": "GHSA-cg6r-gqvc-r396",
  "modified": "2023-07-31T19:00:07Z",
  "published": "2023-07-26T15:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39153"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/gitlab-oauth-plugin/commit/d5bdf767e6be2efa2e9d8f8cf99b98726bb5f29d"
    },
    {
      "type": "WEB",
      "url": "https://github.com/jenkinsci/gitlab-oauth-plugin"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "CSRF vulnerability in GitLab Authentication Plugin"
}

GSD-2023-39153

Vulnerability from gsd - Updated: 2023-12-13 01:20

Details

A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker's account.

Aliases

CVE-2023-39153

Aliases

CVE-2023-39153

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2023-39153",
    "id": "GSD-2023-39153"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2023-39153"
      ],
      "details": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account.",
      "id": "GSD-2023-39153",
      "modified": "2023-12-13T01:20:33.757858Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
        "ID": "CVE-2023-39153",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Jenkins GitLab Authentication Plugin",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "0",
                          "version_value": "1.17.1"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Jenkins Project"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696",
            "refsource": "MISC",
            "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
          },
          {
            "name": "http://www.openwall.com/lists/oss-security/2023/07/26/2",
            "refsource": "MISC",
            "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "(,1.17.1]",
          "affected_versions": "All versions up to 1.17.1",
          "cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-352",
            "CWE-937"
          ],
          "date": "2023-07-31",
          "description": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account.",
          "fixed_versions": [],
          "identifier": "CVE-2023-39153",
          "identifiers": [
            "CVE-2023-39153"
          ],
          "not_impacted": "",
          "package_slug": "maven/org.jenkins-ci.plugins/gitlab-oauth",
          "pubdate": "2023-07-26",
          "solution": "Unfortunately, there is no solution available yet.",
          "title": "Cross-Site Request Forgery (CSRF)",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2023-39153",
            "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696",
            "http://www.openwall.com/lists/oss-security/2023/07/26/2"
          ],
          "uuid": "49c69103-ea35-42d0-9f24-c7ed35e86cdd"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:jenkins:gitlab_authentication:*:*:*:*:*:jenkins:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.17.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "jenkinsci-cert@googlegroups.com",
          "ID": "CVE-2023-39153"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "A cross-site request forgery (CSRF) vulnerability in Jenkins GitLab Authentication Plugin 1.17.1 and earlier allows attackers to trick users into logging in to the attacker\u0027s account."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-352"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696",
              "refsource": "MISC",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://www.jenkins.io/security/advisory/2023-07-26/#SECURITY-2696"
            },
            {
              "name": "http://www.openwall.com/lists/oss-security/2023/07/26/2",
              "refsource": "MISC",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2023/07/26/2"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.5
        }
      },
      "lastModifiedDate": "2023-07-31T18:14Z",
      "publishedDate": "2023-07-26T14:15Z"
    }
  }
}

WID-SEC-W-2023-1902

Vulnerability from csaf_certbund - Published: 2023-07-26 22:00 - Updated: 2023-07-26 22:00

Summary

Jenkins: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterstützung bei Softwareentwicklungen aller Art.

Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um Sicherheitsvorkehrungen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuführen.

Betroffene Betriebssysteme: - UNIX - Linux - Windows - Sonstiges

CVE-2023-39156

Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften Übermittlungsprüfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsmaßnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuführen. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion.

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-39155

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-39154

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-39153

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-39152

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-39151

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-3442

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

CVE-2023-3414

Affected products

Known affected 1 product

Product	Identifier	Version	Remediation
Jenkins Jenkins Plugins Jenkins / Jenkins	`cpe:/a:cloudbees:jenkins:plugins`	—

References

3 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://www.jenkins.io/security/advisory/2023-07-26/	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Jenkins ist ein erweiterbarer, webbasierter Integration Server zur kontinuierlichen Unterst\u00fctzung bei Softwareentwicklungen aller Art.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Jenkins ausnutzen, um Sicherheitsvorkehrungen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX\n- Linux\n- Windows\n- Sonstiges",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2023-1902 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1902.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2023-1902 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1902"
      },
      {
        "category": "external",
        "summary": "Jenkins Security Advisory 2023-07-26 vom 2023-07-26",
        "url": "https://www.jenkins.io/security/advisory/2023-07-26/"
      }
    ],
    "source_lang": "en-US",
    "title": "Jenkins: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2023-07-26T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T17:56:16.372+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2023-1902",
      "initial_release_date": "2023-07-26T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2023-07-26T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Jenkins Jenkins Plugins",
                "product": {
                  "name": "Jenkins Jenkins Plugins",
                  "product_id": "T013614",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:plugins"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Jenkins Jenkins Weekly \u003c 2.416",
                "product": {
                  "name": "Jenkins Jenkins Weekly \u003c 2.416",
                  "product_id": "T028913",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:weekly__2.416"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "Jenkins Jenkins LTS \u003c 2.401.3",
                "product": {
                  "name": "Jenkins Jenkins LTS \u003c 2.401.3",
                  "product_id": "T028914",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:cloudbees:jenkins:lts__2.401.3"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Jenkins"
          }
        ],
        "category": "vendor",
        "name": "Jenkins"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-39156",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39156"
    },
    {
      "cve": "CVE-2023-39155",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39155"
    },
    {
      "cve": "CVE-2023-39154",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39154"
    },
    {
      "cve": "CVE-2023-39153",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39153"
    },
    {
      "cve": "CVE-2023-39152",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39152"
    },
    {
      "cve": "CVE-2023-39151",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-39151"
    },
    {
      "cve": "CVE-2023-3442",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-3442"
    },
    {
      "cve": "CVE-2023-3414",
      "notes": [
        {
          "category": "description",
          "text": "Es existieren mehrere Schwachstellen in Jenkins und mehreren Jenkins Plugins. Die betroffenen Plugins sind: Bazaar, Chef Identity, GitLab Authentication, Gradle, Qualys Web App Scanning Connector und ServiceNow DevOps. Die Fehler bestehen unter anderem aufgrund mehrerer Cross Site Request Forgeries, eines fehlerhaften Kontrollflusses und einer fehlerhaften \u00dcbermittlungspr\u00fcfung. Ein entfernter, anonymer oder authentisierter Angreifer kann diese Schwachstellen ausnutzen, um Sicherheitsma\u00dfnahmen zu umgehen, vertrauliche Informationen offenzulegen und einen Cross-Site-Scripting-Angriff durchzuf\u00fchren. Eine erfolgreiche Ausnutzung erfordert eine Benutzerinteraktion."
        }
      ],
      "product_status": {
        "known_affected": [
          "T013614"
        ]
      },
      "release_date": "2023-07-26T22:00:00.000+00:00",
      "title": "CVE-2023-3414"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2023-39153 (GCVE-0-2023-39153)

FKIE_CVE-2023-39153

GHSA-CG6R-GQVC-R396

GSD-2023-39153

WID-SEC-W-2023-1902

Tags

Sightings

Nomenclature