Web application abuses : Jenkins < 2.197 and < 2.176.4 LTS Multiple Vulnerabilities

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.114139

Kategorie: Web application abuses

Titel: Jenkins < 2.197 and < 2.176.4 LTS Multiple Vulnerabilities - Linux

Zusammenfassung: Jenkins is prone to multiple vulnerabilities.

Beschreibung: Summary:
Jenkins is prone to multiple vulnerabilities.

Vulnerability Insight:
Jenkins is prone to the following vulnerabilities:

- The f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in
a stored XSS vulnerability exploitable by users with permission to define its contents, typically
Job/Configure. (CVE-2019-10401)

- The f:combobox form control interpreted its item labels as HTML, resulting in a stored XSS
vulnerability exploitable by users with permission to define its contents. (CVE-2019-10402)

- The SCM tag name on the tooltip for SCM tag actions was not being escaped, resulting in a stored
XSS vulnerability exploitable by users able to control SCM tag names for these actions. (CVE-2019-10403)

- The reason why a queue item is blocked in tooltips was not being escaped, resulting in a stored
XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked,
such as label expressions not matching any idle executors. (CVE-2019-10404)

- The value of the 'Cookie' HTTP request header on the /whoAmI/ URL was being printed, allowing
attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being
marked as HttpOnly. (CVE-2019-10405)

- The values set as Jenkins URL in the global configuration were not being restricted or filtered,
resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission.
(CVE-2019-10406)

Affected Software/OS:
Jenkins LTS up to and including 2.176.3, Jenkins weekly up to and including 2.196.

Solution:
Update Jenkins weekly to version 2.197 or later / Jenkins LTS to
version 2.176.4 or later.

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-10401
Common Vulnerability Exposure (CVE) ID: CVE-2019-10402
Common Vulnerability Exposure (CVE) ID: CVE-2019-10403
Common Vulnerability Exposure (CVE) ID: CVE-2019-10404
Common Vulnerability Exposure (CVE) ID: CVE-2019-10405
Common Vulnerability Exposure (CVE) ID: CVE-2019-10406

Copyright Copyright (C) 2019 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.114139
Kategorie:	Web application abuses
Titel:	Jenkins < 2.197 and < 2.176.4 LTS Multiple Vulnerabilities - Linux
Zusammenfassung:	Jenkins is prone to multiple vulnerabilities.
Beschreibung:	Summary: Jenkins is prone to multiple vulnerabilities. Vulnerability Insight: Jenkins is prone to the following vulnerabilities: - The f:expandableTextBox form control interpreted its content as HTML when expanded, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents, typically Job/Configure. (CVE-2019-10401) - The f:combobox form control interpreted its item labels as HTML, resulting in a stored XSS vulnerability exploitable by users with permission to define its contents. (CVE-2019-10402) - The SCM tag name on the tooltip for SCM tag actions was not being escaped, resulting in a stored XSS vulnerability exploitable by users able to control SCM tag names for these actions. (CVE-2019-10403) - The reason why a queue item is blocked in tooltips was not being escaped, resulting in a stored XSS vulnerability exploitable by users able to control parts of the reason a queue item is blocked, such as label expressions not matching any idle executors. (CVE-2019-10404) - The value of the 'Cookie' HTTP request header on the /whoAmI/ URL was being printed, allowing attackers exploiting another XSS vulnerability to obtain the HTTP session cookie despite it being marked as HttpOnly. (CVE-2019-10405) - The values set as Jenkins URL in the global configuration were not being restricted or filtered, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission. (CVE-2019-10406) Affected Software/OS: Jenkins LTS up to and including 2.176.3, Jenkins weekly up to and including 2.196. Solution: Update Jenkins weekly to version 2.197 or later / Jenkins LTS to version 2.176.4 or later. CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-10401 Common Vulnerability Exposure (CVE) ID: CVE-2019-10402 Common Vulnerability Exposure (CVE) ID: CVE-2019-10403 Common Vulnerability Exposure (CVE) ID: CVE-2019-10404 Common Vulnerability Exposure (CVE) ID: CVE-2019-10405 Common Vulnerability Exposure (CVE) ID: CVE-2019-10406
Copyright	Copyright (C) 2019 Greenbone Networks GmbH