CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27903 – Jenkins: Temporary file parameter created with insecure permissions
https://notcve.org/view.php?id=CVE-2023-27903
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a file parameter through the CLI, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used. A flaw was found in Jenkins. When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Affected versions of Jenkins create this temporary file in the default temporary directory with the default permissions for newly created files. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is used in the build. • https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3058 https://access.redhat.com/security/cve/CVE-2023-27903 https://bugzilla.redhat.com/show_bug.cgi?id=2177632 • CWE-266: Incorrect Privilege Assignment CWE-863: Incorrect Authorization •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27902 – Jenkins: Workspace temporary directories accessible through directory browser
https://notcve.org/view.php?id=CVE-2023-27902
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents. A flaw was found in Jenkins. Jenkins uses temporary directories adjacent to workspace directories, usually with the @tmp name suffix, to store temporary files related to the build. In pipelines, these temporary directories are adjacent to the current working directory when operating in a subdirectory of the automatically allocated workspace. Jenkins-controlled processes, like SCMs, may store credentials in these directories. • https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-1807 https://access.redhat.com/security/cve/CVE-2023-27902 https://bugzilla.redhat.com/show_bug.cgi?id=2177630 • CWE-266: Incorrect Privilege Assignment •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27901 – Jenkins: Denial of Service attack
https://notcve.org/view.php?id=CVE-2023-27901
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service. A flaw was found in Jenkins. Affected versions of Jenkins use the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service. • https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3030 https://access.redhat.com/security/cve/CVE-2023-27901 https://bugzilla.redhat.com/show_bug.cgi?id=2177646 • CWE-404: Improper Resource Shutdown or Release CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27900 – Jenkins: Denial of Service attack
https://notcve.org/view.php?id=CVE-2023-27900
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service. A flaw was found in Jenkins. Affected versions of Jenkins use the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service. • https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3030 https://access.redhat.com/security/cve/CVE-2023-27900 https://bugzilla.redhat.com/show_bug.cgi?id=2177638 • CWE-404: Improper Resource Shutdown or Release CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-27899 – Jenkins: Temporary plugin file created with insecure permissions
https://notcve.org/view.php?id=CVE-2023-27899
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier creates a temporary file in the default temporary directory with the default permissions for newly created files when uploading a plugin for installation, potentially allowing attackers with access to the Jenkins controller file system to read and write the file before it is used, potentially resulting in arbitrary code execution. A flaw was found in Jenkins. Jenkins creates a temporary file when a plugin is uploaded from an administrator’s computer. If these permissions are overly permissive, they may allow attackers with access to the Jenkins controller file system to read and write the file before it is installed in Jenkins, potentially resulting in arbitrary code execution. • https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-2823 https://access.redhat.com/security/cve/CVE-2023-27899 https://bugzilla.redhat.com/show_bug.cgi?id=2177626 • CWE-378: Creation of Temporary File With Insecure Permissions CWE-863: Incorrect Authorization •