CVE-2022-34181 - OpenCVE

Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Jenkins	Xunit

Configuration 1 [-]

cpe:2.3:a:jenkins:xunit:*:*:*:*:*:jenkins:*:*

References

Link	Resource
https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2022-06-22T14:41:08

Updated: 2023-10-24T14:22:25.320Z

Reserved: 2022-06-21T00:00:00

Link: CVE-2022-34181

JSON object: View

NVD Information

Status : Analyzed

Published: 2022-06-23T17:15:15.923

Modified: 2023-11-03T18:20:25.920

Link: CVE-2022-34181

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "Jenkins xUnit Plugin", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "3.0.8", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T14:22:25.320Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2022-34181", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins xUnit Plugin", "version": {"version_data": [{"version_affected": "<=", "version_value": "3.0.8"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-693: Protection Mechanism Failure"}]}]}, "references": {"reference_data": [{"name": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549", "refsource": "CONFIRM", "url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549"}]}}}}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2022-34181", "datePublished": "2022-06-22T14:41:08", "dateReserved": "2022-06-21T00:00:00", "dateUpdated": "2023-10-24T14:22:25.320Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:xunit:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "25C0F81E-BF19-4C1A-AE05-B74CBDB9FE98", "versionEndIncluding": "3.0.8", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it doesn't exist, and parsing files inside it as test results, allowing attackers able to control agent processes to create an arbitrary directory on the Jenkins controller or to obtain test results from existing files in an attacker-specified directory."}, {"lang": "es", "value": "Jenkins xUnit Plugin 3.0.8 y anteriores, implementa un mensaje de agente a controlador que crea un directorio especificado por el usuario si no existe, y analiza los archivos dentro de \u00e9l como resultados de las pruebas, lo que permite a atacantes capaces de controlar los procesos del agente crear un directorio arbitrario en el controlador de Jenkins u obtener los resultados de las pruebas de los archivos existentes en un directorio especificado por el atacante"}], "id": "CVE-2022-34181", "lastModified": "2023-11-03T18:20:25.920", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 6.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-06-23T17:15:15.923", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}