CVE-2023-35149 – org.jenkins-ci.plugins:ease-plugin

Package

Manager: maven
Name: org.jenkins-ci.plugins:ease-plugin
Vulnerable Version: >=0 <=2.6

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00049 pctl0.14935

Details

Jenkins Digital.ai App Management Publisher Plugin missing permission checks Jenkins Digital.ai App Management Publisher Plugin 2.6 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Metadata

Created: 2023-06-14T15:30:37Z
Modified: 2023-06-14T20:33:37Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/06/GHSA-5ghv-wxh9-7356/GHSA-5ghv-wxh9-7356.json
CWE IDs: ["CWE-862"]
Alternative ID: GHSA-5ghv-wxh9-7356
Finding: F039
Auto approve: 1