// For flags

CVE-2022-25183

workflow-cps-global-lib: Sandbox bypass vulnerability

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists.

Jenkins Pipeline: Shared Groovy Libraries Plugin versiones 552.vd9cc05b8a2e1 y anteriores, usan los nombres de las bibliotecas de Pipeline para crear directorios de caché sin ningún tipo de saneo, lo que permite a atacantes con permiso de Item/Configure ejecutar código arbitrario en el contexto de la JVM del controlador de Jenkins usando nombres de bibliotecas especialmente diseñados si ya se presenta una biblioteca global de Pipeline configurada para usar la caché

A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries plugin uses the names of Pipeline libraries to create cache directories without any sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller JVM, using specially crafted library names if a global Pipeline library configured to use caching already exists.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
Single
Confidentiality
Partial
Integrity
Partial
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2022-02-15 CVE Reserved
  • 2022-02-15 CVE Published
  • 2023-12-22 EPSS Updated
  • 2024-08-03 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-179: Incorrect Behavior Order: Early Validation
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Jenkins
Search vendor "Jenkins"
Pipeline:shared Groovy Libraries
Search vendor "Jenkins" for product "Pipeline:shared Groovy Libraries"
<= 552.vd9cc05b8a2e1
Search vendor "Jenkins" for product "Pipeline:shared Groovy Libraries" and version " <= 552.vd9cc05b8a2e1"
jenkins
Affected