Jenkins < 1.551 / 1.532.2 and Jenkins Enterprise 1.509.x / 1.532.x < 1.509.5.1 / 1.532.2.2 Multiple Vulnerabilities
Severity: High
Nessus Plugin ID 72685

Synopsis
The remote web server hosts a job scheduling / management system that is affected by multiple vulnerabilities.

Description
The remote web server hosts a version of Jenkins or Jenkins Enterprise that is affected by multiple vulnerabilities:
- A flaw in the default markup formatter allows cross-site scripting via the Description field in the user configuration. (CVE-2013-5573)
- A security bypass vulnerability allows remote authenticated attackers to change configurations and execute arbitrary jobs. (CVE-2013-7285, CVE-2013-7330, CVE-2014-2058)
- An unspecified flaw in the Winstone servlet allows remote attackers to hijack sessions. (CVE-2014-2060)
- An input control flaw in 'PasswordParameterDefinition' allows remote attackers to disclose sensitive information including passwords. (CVE-2014-2061)
- A security bypass vulnerability due to API tokens not being invalidated when a user is deleted.
- An unspecified flaw allows remote attackers to conduct clickjacking attacks. (CVE-2014-2063)
- An information disclosure vulnerability in the 'loadUserByUsername' function allows remote attackers to determine whether a user exists via vectors related to failed login attempts. (CVE-2014-2064)
- A cross-site scripting vulnerability due to improper input validation of the 'iconSize' cookie.
- A session fixation vulnerability allows remote attackers to hijack web sessions. (CVE-2014-2066)
- An information disclosure vulnerability in the 'doIndex' function in 'hudson/util/RemotingDiagnostics.java' allows remote authenticated users with the 'ADMINISTRATOR' permission to obtain sensitive information via heapDump. (CVE-2014-2068)
Solution
Upgrade to Jenkins 1.551 / 1.532.2 or Jenkins Enterprise 1.509.5.1 / 1.532.2.2 or later.
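The version check this plugin performs, written out as an added example; this is illustrative code, not Tenable's plugin source, and the fixed-version thresholds are the ones stated in the title and Solution above. It assumes that a two-component Jenkins version (1.NNN) belongs to the weekly release line and is affected below 1.551, that a three-component version (1.NNN.M) belongs to the LTS line and is affected below 1.532.2, and that a four-component Jenkins Enterprise version is only judged when it falls in the 1.509.x or 1.532.x lines named in the advisory. Handling of suffixes such as "-SNAPSHOT" is an assumption of the example.

```python
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, ...]

# Fixed versions from the advisory: Jenkins weekly 1.551, Jenkins LTS 1.532.2,
# Jenkins Enterprise 1.509.5.1 (1.509.x line) and 1.532.2.2 (1.532.x line).
JENKINS_FIXED_WEEKLY: Version = (1, 551)
JENKINS_FIXED_LTS: Version = (1, 532, 2)
ENTERPRISE_FIXED: Dict[Version, Version] = {
    (1, 509): (1, 509, 5, 1),
    (1, 532): (1, 532, 2, 2),
}


def parse_version(text: str) -> Version:
    """Convert a dotted version string such as '1.532.1' into a tuple of ints.

    Anything after a '-' (e.g. '1.551-SNAPSHOT') is dropped; that is an
    assumption of this example, not something the advisory specifies.
    """
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def jenkins_affected(version: str) -> bool:
    """True when an open-source Jenkins version is below the fixed release."""
    v = parse_version(version)
    if len(v) == 2:          # weekly line: 1.NNN
        return v < JENKINS_FIXED_WEEKLY
    if len(v) == 3:          # LTS line: 1.NNN.M (older LTS lines are also below 1.532.2)
        return v < JENKINS_FIXED_LTS
    raise ValueError(f"not a Jenkins version layout: {version!r}")


def jenkins_enterprise_affected(version: str) -> Optional[bool]:
    """True/False for the 1.509.x and 1.532.x lines; None for lines the advisory does not cover."""
    v = parse_version(version)
    if len(v) != 4:
        raise ValueError(f"not a Jenkins Enterprise version layout: {version!r}")
    fixed = ENTERPRISE_FIXED.get(v[:2])
    if fixed is None:
        return None          # no verdict rather than a guess
    return v < fixed


def remediation_target(product: str, version: str) -> str:
    """Return the upgrade target named in the Solution for a given product/version."""
    v = parse_version(version)
    if product == "jenkins":
        return "1.551" if len(v) == 2 else "1.532.2"
    if product == "jenkins-enterprise":
        fixed = ENTERPRISE_FIXED.get(v[:2])
        return ".".join(map(str, fixed)) if fixed else "n/a"
    raise ValueError(f"unknown product: {product!r}")


def assess_inventory(inventory: List[Tuple[str, str, str]]) -> List[Dict[str, str]]:
    """Run the check over (host, product, version) records and list the affected hosts."""
    findings = []
    for host, product, version in inventory:
        if product == "jenkins":
            hit = jenkins_affected(version)
        elif product == "jenkins-enterprise":
            hit = jenkins_enterprise_affected(version)
        else:
            continue
        if hit:
            findings.append({"host": host, "version": version,
                             "upgrade_to": remediation_target(product, version)})
    return findings


# Constructed sample inventory; the host names and versions are made up for the example.
SAMPLE_INVENTORY: List[Tuple[str, str, str]] = [
    ("ci-01.example.test", "jenkins", "1.550"),
    ("ci-02.example.test", "jenkins", "1.551"),
    ("ci-03.example.test", "jenkins", "1.532.1"),
    ("ci-04.example.test", "jenkins-enterprise", "1.509.4.1"),
    ("ci-05.example.test", "jenkins-enterprise", "1.532.2.2"),
]

if __name__ == "__main__":
    for finding in assess_inventory(SAMPLE_INVENTORY):
        print(f"{finding['host']}: {finding['version']} affected, upgrade to {finding['upgrade_to']}")
```

The tuple comparison does the work: Python compares versions element by element, so 1.509.4 sorts below 1.532.2 and 1.532.1 below 1.532.2 without special-casing each LTS line. Returning None for an Enterprise line the advisory does not mention keeps the check from reporting a verdict the page does not support.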