CVE-2022-43417 – org.jenkins-ci.plugins:katalon

Package

Manager: maven
Name: org.jenkins-ci.plugins:katalon
Vulnerable Version: >=0 <1.0.33

Severity

Level: Medium

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

EPSS: 0.00173 pctl0.39093

Details

Missing permission checks in Jenkins Katalon Plugin allow capturing credentials Katalon Plugin 1.0.32 and earlier does not perform permission checks in several HTTP endpoints. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. Katalon Plugin 1.0.33 properly performs permission checks when accessing the affected HTTP endpoints.

Metadata

Created: 2022-10-19T19:00:18Z
Modified: 2022-12-16T17:27:51Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/10/GHSA-5fvg-h778-jjjx/GHSA-5fvg-h778-jjjx.json
CWE IDs: ["CWE-862"]
Alternative ID: GHSA-5fvg-h778-jjjx
Finding: F039
Auto approve: 1