Jenkins < 1.642.2 / 1.650 Java Object Deserialization RCE

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote web server is affected by a remote code execution
vulnerability.

Description :

The Jenkins web server running on the remote host is affected by a
remote code execution vulnerability due to unsafe deserialization of
Java objects received from unauthenticated clients, which are passed to
the Groovy library, specifically the runtime.MethodClosure class. An
unauthenticated, remote attacker can exploit this, via a crafted XML
file, to execute arbitrary code on the target host.

Note that the Jenkins web server may be affected by other
vulnerabilities as well; however, Nessus has not tested for these.

See also :

http://www.nessus.org/u?93a2c1f1
http://www.nessus.org/u?6e7fc0b6
http://www.nessus.org/u?e0204f30

Solution :

Upgrade to Jenkins version 1.642.2 / 1.650 or later. Alternatively,
disable the CLI port per the vendor advisory.
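The fixed releases named above sit on two separate release lines: 1.642.2 is an LTS release (three-component version) and 1.650 is a weekly release (two-component version), so a single numeric threshold would misclassify a patched LTS host such as 1.642.3. The following is an added example, not Tenable's plugin code, of a defender-side version check that applies the correct threshold per line. It assumes Jenkins advertises its version in the X-Jenkins response header (which Jenkins does send) and that the header is not suppressed by a proxy; the response header blocks it inspects are constructed sample data.

```python
"""Per-line Jenkins version check for the deserialization issue above.

Added example (not Tenable's plugin code). Assumptions, stated here:
  * Jenkins reports its version in the X-Jenkins response header.
  * Three-component versions (1.642.2) are LTS releases and
    two-component versions (1.650) are weekly releases.
  * Fixed versions come from the advisory: 1.642.2 (LTS), 1.650 (weekly).
"""
import re
from typing import Optional, Tuple

FIXED_LTS = (1, 642, 2)    # from the advisory
FIXED_WEEKLY = (1, 650)    # from the advisory


def parse_version(text: str) -> Optional[Tuple[int, ...]]:
    """Turn '1.642.1' into (1, 642, 1); trailing suffixes such as '-SNAPSHOT' are ignored."""
    m = re.match(r"^\s*(\d+(?:\.\d+)*)", text)
    if not m:
        return None
    return tuple(int(part) for part in m.group(1).split("."))


def is_vulnerable(version: str) -> bool:
    """True when the version is older than the fixed release of its own line."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unrecognised Jenkins version: {version!r}")
    if v[0] >= 2:
        # 2.x is later than both fixed releases named in the advisory.
        return False
    if len(v) >= 3:
        # LTS line: compare the first three components against 1.642.2.
        return v[:3] < FIXED_LTS
    # Weekly line: compare the first two components against 1.650.
    return v[:2] < FIXED_WEEKLY


def version_from_headers(raw_headers: str) -> Optional[str]:
    """Return the X-Jenkins header value from a raw HTTP response header block, if present."""
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-jenkins":
            return value.strip()
    return None


def assess(raw_headers: str) -> str:
    """Human-readable verdict for one response header block."""
    version = version_from_headers(raw_headers)
    if version is None:
        return "no X-Jenkins header (not Jenkins, or header suppressed)"
    if is_vulnerable(version):
        return f"Jenkins {version}: affected, upgrade to 1.642.2 / 1.650 or later"
    return f"Jenkins {version}: not affected by this issue"


# Constructed sample header blocks (not captured from a real host).
SAMPLE_LTS_OLD = "HTTP/1.1 200 OK\r\nServer: Jetty\r\nX-Jenkins: 1.642.1\r\n\r\n"
SAMPLE_LTS_FIXED = "HTTP/1.1 200 OK\r\nServer: Jetty\r\nX-Jenkins: 1.642.3\r\n\r\n"
SAMPLE_WEEKLY_OLD = "HTTP/1.1 200 OK\r\nServer: Jetty\r\nX-Jenkins: 1.649\r\n\r\n"
SAMPLE_NOT_JENKINS = "HTTP/1.1 200 OK\r\nServer: nginx\r\n\r\n"

if __name__ == "__main__":
    for sample in (SAMPLE_LTS_OLD, SAMPLE_LTS_FIXED, SAMPLE_WEEKLY_OLD, SAMPLE_NOT_JENKINS):
        print(assess(sample))
```

Note that 1.642.3 compares as less than 1.650 when the two are treated as plain tuples, yet it is a fixed LTS release; that is why the check branches on the component count before comparing.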

Risk factor :

Critical / CVSS Base Score : 10.0
(CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.3
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 89034

Bugtraq ID: 83720

CVE ID: CVE-2016-0792
