// For flags

CVE-2024-23899

jenkins-2-plugins: git-server plugin arbitrary file read vulnerability

Severity Score

6.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

Track
*SSVC
Descriptions

Jenkins Git server Plugin 99.va_0826a_b_cdfa_d and earlier does not disable a feature of its command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing attackers with Overall/Read permission to read content from arbitrary files on the Jenkins controller file system.

El complemento del servidor Jenkins Git 99.va_0826a_b_cdfa_d y versiones anteriores no desactiva una función de su analizador de comandos que reemplaza un carácter '@' seguido de una ruta de archivo en un argumento con el contenido del archivo, permitiendo a atacantes con permiso general/lectura leer contenido de archivos arbitrarios en el sistema de archivos del controlador Jenkins.

A flaw was found in the Git Server Plugin for Jenkins. This issue could allow an attacker to read the first two lines of arbitrary files on the server's file system.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:Track
Exploitation
None
Automatable
No
Tech. Impact
Partial
* Organization's Worst-case Scenario
Timeline
  • 2024-01-23 CVE Reserved
  • 2024-01-24 CVE Published
  • 2024-02-01 EPSS Updated
  • 2024-10-18 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Jenkins
Search vendor "Jenkins"
 Git Server
Search vendor "Jenkins" for product "Git Server"
 <= 99.va_0826a_b_cdfa_d
Search vendor "Jenkins" for product "Git Server" and version " <= 99.va_0826a_b_cdfa_d"
jenkins
Affected