CVE-2022-45388 – org.jenkins-ci.main:config-rotator
Package
Manager: maven
Name: org.jenkins-ci.main:config-rotator
Vulnerable Version: >=0 <=2.0.1
Severity
Level: High
CVSS v3.1: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS: 0.00183 (percentile: 0.40283)
Details
Jenkins Config Rotator Plugin vulnerable to path traversal
Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with the '.xml' extension on the Jenkins controller file system. Currently there is no known workaround and no fix available.
Metadata
Created: 2022-11-16T12:00:23Z
Modified: 2022-12-15T21:06:25Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/11/GHSA-9pqq-h9qv-28fp/GHSA-9pqq-h9qv-28fp.json
CWE IDs: ["CWE-22"]
Alternative ID: GHSA-9pqq-h9qv-28fp
Finding: F063
Auto approve: 1