Jenkins Security Advisory 2019-01-08 Multiple Vulnerabilities

Medium Nessus Plugin ID 129169

Synopsis

A job scheduling and management system hosted on the remote web server is affected by multiple vulnerabilities.

Description

Jenkins running on the remote web server has one or more plugins affected by the following vulnerabilities:

- A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM.
(CVE-2019-1003000)

- A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61 and earlier in src/main/java/org/jenkinsci/plugins/workflow/cps/CpsFlowDefinition.java and src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShellFactory.java that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
(CVE-2019-1003001)

- A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.
(CVE-2019-1003002)

Solution

Refer to the vendor advisory for details.

See Also

https://jenkins.io/security/advisory/2019-01-08/

Plugin Details

Severity: Medium

ID: 129169

File Name: jenkins_security_advisory_2019-01-08.nasl

Version: 1.2

Type: remote

Family: CGI abuses

Published: 2019/09/24

Updated: 2019/09/25

Dependencies: 129098

Risk Information

Risk Factor: Medium

CVSS Score Source: CVE-2019-1003000

CVSS v2.0

Base Score: 6.5

Temporal Score: 5.4

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSS v3.0

Base Score: 8.8

Temporal Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:cloudbees:jenkins, cpe:/a:jenkins:jenkins

Required KB Items: www/Jenkins

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2019/01/08

Vulnerability Publication Date: 2019/01/08

Exploitable With

Metasploit (Jenkins ACL Bypass and Metaprogramming RCE)

Reference Information

CVE: CVE-2019-1003000, CVE-2019-1003001, CVE-2019-1003002

BID: 106681