CVE-2015-1814 - OpenCVE

The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a "forced API token change" involving anonymous users.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Jenkins	Jenkins
Redhat	Openshift

Configuration 1 [-]

cpe:2.3:a:jenkins:jenkins:1.596.1:*:*:*:lts:*:*:*

Configuration 2 [-]

cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*

Configuration 3 [-]

cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2015-1844.html
https://access.redhat.com/errata/RHSA-2016:0070
https://bugzilla.redhat.com/show_bug.cgi?id=1205616
https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2015-10-16T20:00:00

Updated: 2016-06-09T16:57:01

Reserved: 2015-02-17T00:00:00

Link: CVE-2015-1814

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-10-16T20:59:11.747

Modified: 2016-06-15T17:04:49.110

Link: CVE-2015-1814

JSON object: View

Redhat Information

No data.

CWE

CWE-264

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-03-23T00:00:00", "descriptions": [{"lang": "en", "value": "The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a \"forced API token change\" involving anonymous users."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-06-09T16:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616"}, {"name": "RHSA-2016:0070", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2016:0070"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23"}, {"name": "RHSA-2015:1844", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2015-1814", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a \"forced API token change\" involving anonymous users."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616"}, {"name": "RHSA-2016:0070", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:0070"}, {"name": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23", "refsource": "CONFIRM", "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23"}, {"name": "RHSA-2015:1844", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-1814", "datePublished": "2015-10-16T20:00:00", "dateReserved": "2015-02-17T00:00:00", "dateUpdated": "2016-06-09T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:1.596.1:*:*:*:lts:*:*:*", "matchCriteriaId": "1A0564DB-E5C6-459E-B9A0-557A81F92BC0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "0A492A49-052F-4CD5-AE7E-AF8A6B3E1B2D", "versionEndIncluding": "3.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*", "matchCriteriaId": "26836BE3-EB42-4460-81A7-5249801BA67D", "versionEndIncluding": "1.605", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The API token-issuing service in Jenkins before 1.606 and LTS before 1.596.2 allows remote attackers to gain privileges via a \"forced API token change\" involving anonymous users."}, {"lang": "es", "value": "El servicio de emisi\u00f3n de token de API en Jenkins en versiones anteriores a 1.606 y LTS en versiones anteriores a 1.596.2 permite a atacantes remotos obtener privilegios a trav\u00e9s de un \"cambio forzado de token de API\" involucrando a usuarios an\u00f3nimos."}], "id": "CVE-2015-1814", "lastModified": "2016-06-15T17:04:49.110", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-10-16T20:59:11.747", "references": [{"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1844.html"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2016:0070"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1205616"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2015-03-23"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}