CVE-2023-49652 - OpenCVE

Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earlier allow attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate system-scoped credentials IDs of credentials stored in Jenkins and to connect to Google Cloud Platform using attacker-specified credentials IDs obtained through another method, to obtain information about existing projects. This fix has been backported to 4.3.17.1.

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Jenkins	Google Compute Engine

Configuration 1 [-]

cpe:2.3:a:jenkins:google_compute_engine:*:*:*:*:*:jenkins:*:*

References

Link	Resource
http://www.openwall.com/lists/oss-security/2023/11/29/1	Mailing List Third Party Advisory
https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-2835	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: jenkins

Published: 2023-11-29T13:45:09.576Z

Updated: 2023-11-29T13:52:09.792Z

Reserved: 2023-11-28T21:18:14.327Z

Link: CVE-2023-49652

JSON object: View

NVD Information

Status : Analyzed

Published: 2023-11-29T14:15:07.460

Modified: 2023-12-05T16:06:16.127

Link: CVE-2023-49652

JSON object: View

Redhat Information

No data.

CWE

CWE-862

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:google_compute_engine:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "3B4690EE-51E5-4556-907B-4C9274D9AC48", "versionEndExcluding": "4.3.17.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Incorrect permission checks in Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11 and earlier allow attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate system-scoped credentials IDs of credentials stored in Jenkins and to connect to Google Cloud Platform using attacker-specified credentials IDs obtained through another method, to obtain information about existing projects. This fix has been backported to 4.3.17.1."}, {"lang": "es", "value": "Las comprobaciones de permisos incorrectas en el complemento Jenkins Google Compute Engine 4.550.vb_327fca_3db_11 y versiones anteriores permiten a atacantes con permiso global de Elemento/Configuraci\u00f3n (aunque carecen del permiso de Elemento/Configuraci\u00f3n en cualquier trabajo en particular) enumerar las ID de las credenciales almacenadas en Jenkins y conectarse a Google Cloud Platform utiliza ID de credenciales especificadas por el atacante obtenidas mediante otro m\u00e9todo, para obtener informaci\u00f3n sobre proyectos existentes. Esta soluci\u00f3n se ha actualizado a 4.3.17.1."}], "id": "CVE-2023-49652", "lastModified": "2023-12-05T16:06:16.127", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 2.7, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-11-29T14:15:07.460", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/11/29/1"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-2835"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}