CVE-2019-1003002
Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming Remote Code Execution
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
3Exploited in Wild
-Decision
Descriptions
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
Existe una vulnerabilidad de omisión de sandbox en Pipeline: el plugin Declarative, en la versión 1.3.3 y anteriores, en pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy permite a los atacantes con permisos de "Overall/Read" proporcionar un script "pipeline" a un endpoint HTTP que puede resultar en la ejecución de código arbitrario en la máquina virtual de Java maestra de Jenkins.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-22 CVE Reserved
- 2019-01-22 CVE Published
- 2019-02-19 First Exploit
- 2024-08-05 CVE Updated
- 2024-08-17 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (13)
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/46572 | 2024-08-05 | |
| https://www.exploit-db.com/exploits/46427 | 2019-02-19 | |
| http://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.html | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHBA-2019:0326 | 2023-10-25 | |
| https://access.redhat.com/errata/RHBA-2019:0327 | 2023-10-25 | |
| https://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266 | 2023-10-25 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Jenkins Search vendor "Jenkins" | Pipeline: Declarative Search vendor "Jenkins" for product "Pipeline: Declarative" | <= 1.3.3 Search vendor "Jenkins" for product "Pipeline: Declarative" and version " <= 1.3.3" | jenkins |
Affected
| ||||||
| Redhat Search vendor "Redhat" | Openshift Container Platform Search vendor "Redhat" for product "Openshift Container Platform" | 3.11 Search vendor "Redhat" for product "Openshift Container Platform" and version "3.11" | - |
Affected
| ||||||