Headline
GHSA-fpw7-8gjc-jwqj: Cache confusion in Jenkins Eiffel Broadcaster Plugin
The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential.
Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key. This allows attackers able to create a credential with the same ID as a legitimate one in a different credentials store, to sign an event published to RabbitMQ with the legitimate certificate credentials.
Eiffel Broadcaster Plugin 2.10.3 removes the cache.
- GitHub Advisory Database
- GitHub Reviewed
- CVE-2025-24400
Cache confusion in Jenkins Eiffel Broadcaster Plugin
Moderate severity GitHub Reviewed Published Jan 22, 2025 to the GitHub Advisory Database • Updated Jan 22, 2025
Package
maven com.axis.jenkins.plugins.eiffel:eiffel-broadcaster (Maven)
Affected versions
>= 2.8.0, < 2.10.3
The Jenkins Eiffel Broadcaster Plugin allows events published to RabbitMQ to be signed using certificate credentials. To improve performance, the plugin caches some data from the credential.
Eiffel Broadcaster Plugin 2.8.0 through 2.10.2 (both inclusive) uses the credential ID as the cache key. This allows attackers able to create a credential with the same ID as a legitimate one in a different credentials store, to sign an event published to RabbitMQ with the legitimate certificate credentials.
Eiffel Broadcaster Plugin 2.10.3 removes the cache.
References
- https://nvd.nist.gov/vuln/detail/CVE-2025-24400
- https://www.jenkins.io/security/advisory/2025-01-22/#SECURITY-3485
Published to the GitHub Advisory Database
Jan 22, 2025
Last updated
Jan 22, 2025