The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.17. It is, therefore, affected by multiple vulnerabilities including the following:

  - CSRF vulnerability and missing permission checks in Code Dx Plugin (CVE-2023-2195, CVE-2023-2631)

  - Missing permission checks in Code Dx Plugin (CVE-2023-2196)

  - API keys stored and displayed in plain text by Code Dx Plugin (CVE-2023-2632, CVE-2023-2633)

  - Stored XSS vulnerability in Pipeline: Job Plugin (CVE-2023-32977)

  - CSRF vulnerability in LDAP Plugin (CVE-2023-32978)

  - Missing permission check in Email Extension Plugin (CVE-2023-32979)

  - CSRF vulnerability in Email Extension Plugin (CVE-2023-32980)

  - Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)

  - Secrets stored and displayed in plain text by Ansible Plugin (CVE-2023-32982, CVE-2023-32983)

  - Stored XSS vulnerability in TestNG Results Plugin (CVE-2023-32984)

  - Path traversal vulnerability in Sidebar Link Plugin (CVE-2023-32985)

  - Arbitrary file write vulnerability in File Parameter Plugin (CVE-2023-32986)

  - CSRF vulnerability in Reverse Proxy Auth Plugin (CVE-2023-32987)

  - Missing permission check in Azure VM Agents Plugin allows enumerating credentials IDs (CVE-2023-32988)

  - CSRF vulnerability and missing permission checks in Azure VM Agents Plugin (CVE-2023-32989,     CVE-2023-32990)

  - CSRF vulnerability and missing permission checks in SAML Single Sign On(SSO) Plugin allow XXE     (CVE-2023-32991, CVE-2023-32992)

  - Missing hostname validation in SAML Single Sign On(SSO) Plugin (CVE-2023-32993)

  - SSL/TLS certificate validation unconditionally disabled by SAML Single Sign On(SSO) Plugin     (CVE-2023-32994)

  - CSRF vulnerability and missing permission check in SAML Single Sign On(SSO) Plugin (CVE-2023-32995,     CVE-2023-32996)

  - Session fixation vulnerability in CAS Plugin (CVE-2023-32997)

  - CSRF vulnerability and missing permission check in AppSpider Plugin (CVE-2023-32998, CVE-2023-32999)

  - Credentials displayed without masking by NS-ND Integration Performance Publisher Plugin (CVE-2023-33000)

  - Improper masking of credentials in HashiCorp Vault Plugin (CVE-2023-33001)

  - Stored XSS vulnerability in TestComplete support Plugin (CVE-2023-33002)

  - CSRF vulnerability and missing permission checks in Tag Profiler Plugin (CVE-2023-33003, CVE-2023-33004)

  - Session fixation vulnerability in WSO2 Oauth Plugin (CVE-2023-33005)

  - CSRF vulnerability in WSO2 Oauth Plugin (CVE-2023-33006)

  - Stored XSS vulnerability in LoadComplete support Plugin (CVE-2023-33007)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.17 Multiple Vulnerabilities (CloudBees Security Advisory 2023-05-16)

high Nessus Plugin ID 175835

Version 1.2