CVE-2020-2196 org.jenkins-ci.plugins:selenium

Package

Manager: maven
Name: org.jenkins-ci.plugins:selenium
Vulnerable Version: >=0 <=3.141.59

Severity

Level: High

CVSS v3.1: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS v4.0: CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

EPSS: 0.00105 (percentile 0.29138)

Details

Complete lack of CSRF protection in Jenkins Selenium Plugin can lead to OS command injection

Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints. This allows attackers to perform the following actions:

- Restart the Selenium Grid hub.
- Delete or replace the plugin configuration.
- Start, stop, or restart Selenium configurations on specific nodes.

Through carefully chosen configuration parameters, these actions can result in OS command injection on the Jenkins controller.

Metadata

Created: 2022-05-24T17:19:04Z
Modified: 2022-12-20T23:03:58Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-rp4x-xpgf-4xv7/GHSA-rp4x-xpgf-4xv7.json
CWE IDs: ["CWE-352"]
Alternative ID: GHSA-rp4x-xpgf-4xv7
Finding: F007
Auto approve: 1