CVE-2019-10368 - OpenCVE

A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Jenkins	Jclouds

Configuration 1 [-]

cpe:2.3:a:jenkins:jclouds:*:*:*:*:*:jenkins:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2019/08/07/1	Mailing List Third Party Advisory
https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482	Vendor Advisory
https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E
https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E
https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2019-08-07T14:20:23

Updated: 2023-10-24T16:48:15.875Z

Reserved: 2019-03-29T00:00:00

Link: CVE-2019-10368

JSON object: View

NVD Information

Status : Modified

Published: 2019-08-07T15:15:12.140

Modified: 2023-10-25T18:16:18.797

Link: CVE-2019-10368

JSON object: View

Redhat Information

No data.

CWE

CWE-352

{"containers": {"cna": {"affected": [{"product": "Jenkins JClouds Plugin", "vendor": "Jenkins project", "versions": [{"status": "affected", "version": "2.14 and earlier"}]}], "descriptions": [{"lang": "en", "value": "A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T16:48:15.875Z"}, "references": [{"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482"}, {"name": "[jclouds-notifications] 20200106 [jira] [Created] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E"}, {"name": "[jclouds-notifications] 20200107 [jira] [Resolved] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E"}, {"name": "[jclouds-notifications] 20200107 [jira] [Commented] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2019-10368", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins JClouds Plugin", "version": {"version_data": [{"version_value": "2.14 and earlier"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-352"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20190807 Multiple vulnerabilities in Jenkins plugins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"}, {"name": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482"}, {"name": "[jclouds-notifications] 20200106 [jira] [Created] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac@%3Cnotifications.jclouds.apache.org%3E"}, {"name": "[jclouds-notifications] 20200107 [jira] [Resolved] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45@%3Cnotifications.jclouds.apache.org%3E"}, {"name": "[jclouds-notifications] 20200107 [jira] [Commented] (JCLOUDS-1536) SECURITY-1482 / CVE-2019-10368 (CSRF), CVE-2019-10369 (permission check)", "refsource": "MLIST", "url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881@%3Cnotifications.jclouds.apache.org%3E"}]}}}}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2019-10368", "datePublished": "2019-08-07T14:20:23", "dateReserved": "2019-03-29T00:00:00", "dateUpdated": "2023-10-24T16:48:15.875Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jclouds:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "D42D7916-41E4-4A35-85B9-54095F0A45F4", "versionEndIncluding": "2.14", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2.14 and earlier in BlobStoreProfile.DescriptorImpl#doTestConnection and JCloudsCloud.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}, {"lang": "es", "value": "Una vulnerabilidad de tipo cross-site request forgery en Plugin JClouds de Jenkins versi\u00f3n 2.14 y anteriores, en BlobStoreProfile.DescriptorImpl#doTestConnection y JCloudsCloud.DescriptorImpl#doTestConnection, permitir\u00eda a los usuarios con acceso General y de Lectura conectarse a una URL especificada por el atacante usando los IDs de las credenciales especificadas por el atacante obtenidos mediante otro m\u00e9todo, capturando credenciales almacenadas en Jenkins."}], "id": "CVE-2019-10368", "lastModified": "2023-10-25T18:16:18.797", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-07T15:15:12.140", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2019/08/07/1"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2019-08-07/#SECURITY-1482"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://lists.apache.org/thread.html/r42b7ff290ed5ec8f27f12c54fff54462ffc4bcf6a5015c37fece94ac%40%3Cnotifications.jclouds.apache.org%3E"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://lists.apache.org/thread.html/r6c4693d03d15391814c647742db49a4d9937fa34573fb66103d57b45%40%3Cnotifications.jclouds.apache.org%3E"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://lists.apache.org/thread.html/r725e55670dbdd214f3cfdfea255b72a75fa9a4f0c6c9d109b29c7881%40%3Cnotifications.jclouds.apache.org%3E"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-352"}], "source": "nvd@nist.gov", "type": "Primary"}]}