CVE-2018-6356
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On Windows, any file accessible to the Jenkins master process could be downloaded. On other operating systems, any file within the Jenkins home directory accessible to the Jenkins master process could be downloaded.
Jenkins, en versiones anteriores a la 2.107 y Jenkins LTS, en versiones anteriores a la 2.89.4, no evitaban correctamente la especificación de rutas relativas que escapaban un directorio base para las URL que acceden a archivos de recurso de los plugins. Esto permitía que los usuarios con permisos Overall/Read descarguen archivos del directorio maestro de Jenkins a los que no deberían tener acceso. En Windows, cualquier archivo accesible para el proceso Jenkins master podría ser descargado. En otros sistemas operativos, cualquier archivo en el directorio raíz de Jenkins accesible para su proceso maestro podría ser descargado.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2018-01-27 CVE Reserved
- 2018-02-20 CVE Published
- 2023-10-10 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
http://www.openwall.com/lists/oss-security/2018/02/14/1 | Mailing List | |
http://www.securityfocus.com/bid/103037 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.oracle.com/security-alerts/cpuapr2022.html | 2022-06-13 |
URL | Date | SRC |
---|---|---|
https://jenkins.io/security/advisory/2018-02-14 | 2022-06-13 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | < 2.107 Search vendor "Jenkins" for product "Jenkins" and version " < 2.107" | - |
Affected
| ||||||
Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | < 2.89.4 Search vendor "Jenkins" for product "Jenkins" and version " < 2.89.4" | lts |
Affected
| ||||||
Oracle Search vendor "Oracle" | Communications Cloud Native Core Automated Test Suite Search vendor "Oracle" for product "Communications Cloud Native Core Automated Test Suite" | 1.9.0 Search vendor "Oracle" for product "Communications Cloud Native Core Automated Test Suite" and version "1.9.0" | - |
Affected
|