CVE-2015-1810
jenkins: HudsonPrivateSecurityRealm allows creation of reserved names (SECURITY-166)
Severity Score
4.6
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The HudsonPrivateSecurityRealm class in Jenkins before 1.600 and LTS before 1.596.1 does not restrict access to reserved names when using the "Jenkins' own user database" setting, which allows remote attackers to gain privileges by creating a reserved name.
La clase HudsonPrivateSecurityRealm en Jenkins en versiones anteriores a 1.600 y LTS en versiones anteriores a 1.596.1 no restringe el acceso a nombres reservados cuando usan la configuraciĆ³n "base de datos de usuario propia Jenkins", lo que permite a atacantes remotos obtener privilegios creando un nombre reservado.
It was discovered that the internal Jenkins user database did not restrict access to reserved names, allowing users to escalate privileges.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2015-02-17 CVE Reserved
- 2015-10-01 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-264: Permissions, Privileges, and Access Controls
CAPEC
References (5)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2015-1844.html | 2016-06-15 | |
| https://access.redhat.com/errata/RHSA-2016:0070 | 2016-06-15 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1205627 | 2016-01-26 | |
| https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-02-27 | 2016-06-15 | |
| https://access.redhat.com/security/cve/CVE-2015-1810 | 2016-01-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.580.3 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.580.3" | lts |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Search vendor "Redhat" for product "Openshift" | <= 3.1 Search vendor "Redhat" for product "Openshift" and version " <= 3.1" | enterprise |
Affected
| ||||||
| Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | <= 1.599 Search vendor "Jenkins" for product "Jenkins" and version " <= 1.599" | - |
Affected
| ||||||