CVE-2020-2099 - OpenCVE

Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:N/C:P/I:P/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Jenkins	Jenkins

Configuration 1 [-]

OR	cpe:2.3:a:jenkins:jenkins:::::lts:::*
	cpe:2.3:a:jenkins:jenkins:::::-:::*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2020/01/29/1	Mailing List Third Party Advisory
https://access.redhat.com/errata/RHBA-2020:0402
https://access.redhat.com/errata/RHBA-2020:0675
https://access.redhat.com/errata/RHSA-2020:0681
https://access.redhat.com/errata/RHSA-2020:0683
https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2020-01-29T15:15:27

Updated: 2023-10-24T16:04:53.193Z

Reserved: 2019-12-05T00:00:00

Link: CVE-2020-2099

JSON object: View

NVD Information

Status : Modified

Published: 2020-01-29T16:15:12.037

Modified: 2023-10-25T18:16:29.113

Link: CVE-2020-2099

JSON object: View

Redhat Information

No data.

CWE

CWE-330

{"containers": {"cna": {"affected": [{"product": "Jenkins", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "2.213", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "LTS 2.204.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T16:04:53.193Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}, {"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"name": "RHSA-2020:0681", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"name": "RHSA-2020:0683", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"name": "RHBA-2020:0402", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"name": "RHBA-2020:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2020:0675"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2020-2099", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.213"}, {"version_affected": "<=", "version_value": "LTS 2.204.1"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"}]}]}, "references": {"reference_data": [{"name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}, {"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"name": "RHSA-2020:0681", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"name": "RHSA-2020:0683", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"name": "RHBA-2020:0402", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"name": "RHBA-2020:0675", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2020:0675"}]}}}}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2020-2099", "datePublished": "2020-01-29T15:15:27", "dateReserved": "2019-12-05T00:00:00", "dateUpdated": "2023-10-24T16:04:53.193Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "EAACE161-BE2D-4BB8-9795-3D76F19433C1", "versionEndIncluding": "2.204.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "F0F83033-6C48-4AF2-BB2A-157A09D79538", "versionEndIncluding": "2.218", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}, {"lang": "es", "value": "Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes."}], "id": "CVE-2020-2099", "lastModified": "2023-10-25T18:16:29.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-29T16:15:12.037", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHBA-2020:0675"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}]}