ghsa-wgvx-9rh5-4g4m
Vulnerability from github
Published
2023-07-12 18:30
Modified
2023-07-20 14:03
Summary
Jenkins Benchmark Evaluator Plugin vulnerable to cross-site request forgery
Details

Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, .csv, and .ycsb files on the Jenkins controller file system.

Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Show details on source website


{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "io.jenkins.plugins:benchmark-evaluator"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "1.0.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-37962"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-352"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-07-12T22:30:15Z",
    "nvd_published_at": "2023-07-12T16:15:14Z",
    "severity": "HIGH"
  },
  "details": "Jenkins Benchmark Evaluator Plugin 1.0.1 and earlier does not perform a permission check in a method implementing form validation.\n\nThis allows attackers with Overall/Read permission to connect to an attacker-specified URL and to check for the existence of directories, `.csv`, and `.ycsb` files on the Jenkins controller file system.\n\nAdditionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.",
  "id": "GHSA-wgvx-9rh5-4g4m",
  "modified": "2023-07-20T14:03:35Z",
  "published": "2023-07-12T18:30:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-37962"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-07-12/#SECURITY-3119"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/07/12/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Benchmark Evaluator Plugin vulnerable to cross-site request forgery"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.