CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43407 – jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step Plugin
https://notcve.org/view.php?id=CVE-2022-43407
Jenkins Pipeline: Input Step Plugin 451.vf1a_a_4f405289 and earlier does not restrict or sanitize the optionally specified ID of the 'input' step, which is used for the URLs that process user interactions for the given 'input' step (proceed or abort) and is not correctly encoded, allowing attackers able to configure Pipelines to have Jenkins build URLs from 'input' step IDs that would bypass the CSRF protection of any target URL in Jenkins when the 'input' step is interacted with. Jenkins Pipeline: Input Step Plugin versiones 451.vf1a_a_4f405289 y anteriores, no restringe o sanea el ID opcionalmente especificado del paso "input", que es usado para las URLs que procesan las interacciones del usuario para el paso 'input' dado (proceder o abortar) y no está correctamente codificado, permitiendo a atacantes capaces de configurar Pipelines para que Jenkins construya URLs a partir de IDs de pasos 'input' que podrían omitir la protección CSRF de cualquier URL de destino en Jenkins cuando se interactúa con el paso 'input' A cross-site request forgery (CSRF) vulnerability was found in a Jenkins plugin. This issue may allow an unauthenticated attacker to access Jenkins builds, bypassing CSRF protections. This could compromise the integrity, availability, and confidentiality of Jenkins. • http://www.openwall.com/lists/oss-security/2022/10/19/3 https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2880 https://access.redhat.com/security/cve/CVE-2022-43407 https://bugzilla.redhat.com/show_bug.cgi?id=2136386 • CWE-352: Cross-Site Request Forgery (CSRF) CWE-838: Inappropriate Encoding for Output Context •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43413
https://notcve.org/view.php?id=CVE-2022-43413
Jenkins Job Import Plugin 3.5 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. Jenkins Job Import Plugin versiones 3.5 y anteriores, no lleva a cabo una comprobación de permisos en un endpoint HTTP, lo que permite a atacantes con permiso Overall/Read enumerar los ID de las credenciales almacenadas en Jenkins • http://www.openwall.com/lists/oss-security/2022/10/19/3 https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2791 • CWE-862: Missing Authorization •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43420
https://notcve.org/view.php?id=CVE-2022-43420
Jenkins Contrast Continuous Application Security Plugin 3.9 and earlier does not escape data returned from the Contrast service when generating a report, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control or modify Contrast service API responses. Jenkins Contrast Continuous Application Security Plugin versiones 3.9 y anteriores, no escapa de los datos devueltos por el servicio Contrast cuando es generado un informe, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenados, explotable por atacantes capaces de controlar o modificar las respuestas de la API del servicio Contrast • http://www.openwall.com/lists/oss-security/2022/10/19/3 https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2836 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43414
https://notcve.org/view.php?id=CVE-2022-43414
Jenkins NUnit Plugin 0.27 and earlier implements an agent-to-controller message that parses files inside a user-specified directory as test results, allowing attackers able to control agent processes to obtain test results from files in an attacker-specified directory on the Jenkins controller. Jenkins NUnit Plugin versiones 0.27 y anteriores, implementa un mensaje de agente a controlador que analiza archivos dentro de un directorio especificado por el usuario como resultados de pruebas, permitiendo a atacantes capaces de controlar los procesos del agente obtener resultados de pruebas de archivos en un directorio especificado por el atacante en el controlador de Jenkins • http://www.openwall.com/lists/oss-security/2022/10/19/3 https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2551 •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-43425
https://notcve.org/view.php?id=CVE-2022-43425
Jenkins Custom Checkbox Parameter Plugin 1.4 and earlier does not escape the name and description of Custom Checkbox Parameter parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. El plugin Jenkins Custom Checkbox Parameter versiones 1.4 y anteriores, no escapa del nombre y la descripción de los parámetros de Custom Checkbox Parameter en las visualizaciones que muestran los parámetros, resultando en una vulnerabilidad de tipo cross-site scripting (XSS) almacenado explotable por atacantes con permiso de Item/Configure • http://www.openwall.com/lists/oss-security/2022/10/19/3 https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2797 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •