CVE-2023-27902
Jenkins: Workspace temporary directories accessible through directory browser
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Jenkins 2.393 and earlier, LTS 2.375.3 and earlier shows temporary directories related to job workspaces, which allows attackers with Item/Workspace permission to access their contents.
A flaw was found in Jenkins. Jenkins uses temporary directories adjacent to workspace directories, usually with the @tmp name suffix, to store temporary files related to the build. In pipelines, these temporary directories are adjacent to the current working directory when operating in a subdirectory of the automatically allocated workspace. Jenkins-controlled processes, like SCMs, may store credentials in these directories. Affected versions of Jenkins show these temporary directories when viewing job workspaces, which allows attackers with Item/Workspace permission to access their contents.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2023-03-07 CVE Reserved
- 2023-03-08 CVE Published
- 2024-08-02 CVE Updated
- 2024-09-28 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-266: Incorrect Privilege Assignment
CAPEC
References (3)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-1807 | 2023-03-16 | |
https://access.redhat.com/security/cve/CVE-2023-27902 | 2023-05-24 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2177630 | 2023-05-24 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | < 2.375.4 Search vendor "Jenkins" for product "Jenkins" and version " < 2.375.4" | lts |
Affected
| ||||||
Jenkins Search vendor "Jenkins" | Jenkins Search vendor "Jenkins" for product "Jenkins" | < 2.394 Search vendor "Jenkins" for product "Jenkins" and version " < 2.394" | - |
Affected
|