CVE-2022-29047

Libraries: Untrusted users can modify some Pipeline libraries in Pipeline Shared Groovy Libraries Plugin

Severity Score

5.3

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039 and earlier, except 2.21.3, allows attackers able to submit pull requests (or equivalent), but not able to commit directly to the configured SCM, to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even if the Pipeline is configured to not trust them.

Jenkins Pipeline: Shared Groovy Libraries Plugin versiones 564.ve62a_4eb_b_e039 y anteriores, excepto 2.21.3, permite a atacantes capaces de enviar pull requests (o equivalentes), pero no capaces de comprometerse directamente con el SCM configurado, cambiar efectivamente el comportamiento de Pipeline cambiando la definición de una biblioteca recuperada dinámicamente en su petición de pull, incluso si Pipeline está configurado para no confiar en ellos

A flaw was found in the Jenkins Pipeline: Shared Groovy Libraries plugin. The Jenkins Pipeline: Shared Groovy Libraries plugin allows attackers to submit pull requests. However, the attacker cannot commit directly to the configured Source Control Management (SCM) to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even with the Pipeline configured not to trust them.

*Credits: N/A

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

None

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2022-04-11 CVE Reserved
2022-04-12 CVE Published
2024-08-03 CVE Updated
2024-11-16 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-288: Authentication Bypass Using an Alternate Path or Channel
CWE-863: Incorrect Authorization

CAPEC

References (3)

URL	Tag	Source

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC
https://www.jenkins.io/security/advisory/2022-04-12/#SECURITY-1951	2023-12-21
https://access.redhat.com/security/cve/CVE-2022-29047	2023-03-06
https://bugzilla.redhat.com/show_bug.cgi?id=2074855	2023-03-06

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Jenkins Search vendor "Jenkins"		Pipeline: Shared Groovy Libraries Search vendor "Jenkins" for product "Pipeline: Shared Groovy Libraries"				< 2.21.3 Search vendor "Jenkins" for product "Pipeline: Shared Groovy Libraries" and version " < 2.21.3"		jenkins		Affected
Jenkins Search vendor "Jenkins"		Pipeline: Shared Groovy Libraries Search vendor "Jenkins" for product "Pipeline: Shared Groovy Libraries"				>= 544.vff04fa68714d < 566.vd0a_a_3334a_555 Search vendor "Jenkins" for product "Pipeline: Shared Groovy Libraries" and version " >= 544.vff04fa68714d < 566.vd0a_a_3334a_555"		jenkins		Affected