Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple Vulnerabilities

High Nessus Plugin ID 72685

Synopsis

The remote web server hosts a job scheduling / management system that is affected by multiple vulnerabilities.

Description

The remote web server hosts a version of Jenkins or Jenkins Enterprise that is affected by multiple vulnerabilities:

- A flaw in the default markup formatter allows cross-site scripting via the Description field in the user configuration. (CVE-2013-5573)

- A security bypass vulnerability allows remote authenticated attackers to change configurations and execute arbitrary jobs. (CVE-2013-7285, CVE-2013-7330, CVE-2014-2058)

- An unspecified flaw in the Winstone servlet allows remote attackers to hijack sessions. (CVE-2014-2060)

- An input control flaw in 'PasswordParameterDefinition' allows remote attackers to disclose sensitive information including passwords. (CVE-2014-2061)

- A security bypass vulnerability due to API tokens not being invalidated when a user is deleted. (CVE-2014-2062)

- An unspecified flaw allows remote attackers to conduct clickjacking attacks. (CVE-2014-2063)

- An information disclosure vulnerability in the 'loadUserByUsername' function allows remote attackers to determine whether a user exists via vectors related to failed login attempts. (CVE-2014-2064)

- A cross-site scripting vulnerability due to improper input validation of the 'iconSize' cookie. (CVE-2014-2065)

- A session fixation vulnerability allows remote attackers to hijack web sessions. (CVE-2014-2066)

- An information disclosure vulnerability in the 'doIndex' function in 'hudson/util/RemotingDiagnostics.java' allows remote authenticated users with the 'ADMINISTRATOR' permission to obtain sensitive information via heapDump. (CVE-2014-2068)

Solution

Upgrade to Jenkins 1.551 / 1.532.2 or Jenkins Enterprise 1.509.5.1 / 1.532.2.2 or later.

See Also

http://www.nessus.org/u?0db81363

http://www.nessus.org/u?353dd087

Plugin Details

Severity: High

ID: 72685

File Name: jenkins_1_551.nasl

Version: 1.9

Type: remote

Family: CGI abuses

Published: 2014/02/25

Updated: 2018/11/28

Dependencies: 65054

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 9

Temporal Score: 8.1

Vector: CVSS2#AV:N/AC:L/Au:S/C:C/I:C/A:C

Temporal Vector: CVSS2#E:POC/RL:U/RC:C

Vulnerability Information

CPE: cpe:/a:cloudbees:jenkins

Required KB Items: www/Jenkins

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2014/02/14

Vulnerability Publication Date: 2014/02/14

Reference Information

CVE: CVE-2013-5573, CVE-2013-7285, CVE-2013-7330, CVE-2014-2058, CVE-2014-2060, CVE-2014-2061, CVE-2014-2062, CVE-2014-2063, CVE-2014-2064, CVE-2014-2065, CVE-2014-2066, CVE-2014-2068

BID: 64414, 64760, 65694, 65718, 65720

CWE: 20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990