CVE-2018-1000152 – org.jenkins-ci.plugins:vsphere-cloud

Package

Manager: maven
Name: org.jenkins-ci.plugins:vsphere-cloud
Vulnerable Version: >=0 <2.17

Severity

Level: Medium

CVSS v3.1: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

EPSS: 0.00058 pctl0.18413

Details

Jenkins vSphere Plugin incorrect authorization vulnerability An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java, PowerOn.java, Reconfigure.java, Rename.java, RenameSnapshot.java, RevertToSnapshot.java, SuspendVm.java, TakeSnapshot.java, VSphereBuildStepContainer.java, vSphereCloudProvisionedSlave.java, vSphereCloudSlave.java, vSphereCloudSlaveTemplate.java, VSphereConnectionConfig.java, vSphereStep.java that allows attackers to perform form validation related actions, including sending numerous requests to the configured vSphere server, potentially resulting in denial of service, or send credentials stored in Jenkins with known ID to an attacker-specified server ("test connection"). As of version 2.17, these form validation methods require POST requests and appropriate user permissions.

Metadata

Created: 2022-05-13T01:48:33Z
Modified: 2022-12-07T18:11:35Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/05/GHSA-48pq-x3vw-4pqf/GHSA-48pq-x3vw-4pqf.json
CWE IDs: ["CWE-863"]
Alternative ID: GHSA-48pq-x3vw-4pqf
Finding: F006
Auto approve: 1