GHSA-cpc3-gm2x-mrvp: Jenkins Tag Profiler Plugin missing permission check


Package

org.jenkins-ci.plugins:tag-profiler (Maven)

Affected versions

<= 0.2

Patched versions

None

Description

Jenkins Tag Profiler Plugin 0.2 and earlier does not perform a permission check in an HTTP endpoint.

This allows attackers with Overall/Read permission to reset profiler statistics.

Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

As of publication of this advisory, there is no fix.
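
The two defects described above (no permission check, no POST requirement) are shown here side by side with the usual hardening for a Jenkins Stapler endpoint. This is an added example, not the Tag Profiler Plugin's code: the class, URL name, method names and the choice of Overall/Administer as the required permission are assumptions.

```java
// Added illustration. All names here are hypothetical, not taken from the plugin.
import hudson.Extension;
import hudson.model.RootAction;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.LongAdder;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.verb.POST;

@Extension
public class ExampleProfilerAction implements RootAction {

    // Stand-in for the profiler statistics that the endpoint resets.
    private final ConcurrentHashMap<String, LongAdder> stats = new ConcurrentHashMap<>();

    @Override public String getIconFileName() { return null; } // no sidebar link
    @Override public String getDisplayName() { return "Example profiler"; }
    @Override public String getUrlName() { return "example-profiler"; }

    // Weak form: Stapler routes every HTTP verb to a doXxx method, and nothing
    // here checks the caller. Any user who can reach the URL (Overall/Read)
    // can clear the data, and because a GET is accepted, a cross-site request
    // sent by a logged-in user's browser is processed as well.
    public HttpResponse doResetUnsafe() {
        stats.clear();
        return HttpResponses.ok();
    }

    // Hardened form: @POST rejects non-POST requests, which brings the call
    // under Jenkins's CSRF crumb check, and checkPermission throws
    // AccessDeniedException unless the caller holds the named permission.
    @POST
    public HttpResponse doReset() {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER); // assumed permission
        stats.clear();
        return HttpResponses.ok();
    }
}
```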

References

  • https://nvd.nist.gov/vuln/detail/CVE-2023-33004
  • https://www.jenkins.io/security/advisory/2023-05-16/#SECURITY-3083

Published to the GitHub Advisory Database

May 16, 2023

Reviewed

May 17, 2023

Last updated

May 17, 2023

Related news

CVE-2023-2195: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins Code Dx Plugin 3.1.0 and earlier allows attackers to connect to an attacker-specified URL.

CVE-2023-33001: Jenkins Security Advisory 2023-05-16

Jenkins HashiCorp Vault Plugin 360.v0a_1c04cf807d and earlier does not properly mask (i.e., replace with asterisks) credentials in the build log when push mode for durable task logging is enabled.

CVE-2023-33004: Jenkins Security Advisory 2023-05-16

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

CVE-2023-33006: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins WSO2 Oauth Plugin 1.0 and earlier allows attackers to trick users into logging in to the attacker's account.

CVE-2023-33007: Jenkins Security Advisory 2023-05-16

Jenkins LoadComplete support Plugin 1.0 and earlier does not escape the LoadComplete test name, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission.

CVE-2023-32987: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins Reverse Proxy Auth Plugin 1.7.4 and earlier allows attackers to connect to an attacker-specified LDAP server using attacker-specified credentials.

CVE-2023-32983: Jenkins Security Advisory 2023-05-16

Jenkins Ansible Plugin 204.v8191fd551eb_f and earlier does not mask extra variables displayed on the configuration form, increasing the potential for attackers to observe and capture them.

CVE-2023-32989: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method.

CVE-2023-32979: Jenkins Security Advisory 2023-05-16

Jenkins Email Extension Plugin 2.96 and earlier does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system.

CVE-2023-32980: Jenkins Security Advisory 2023-05-16

A cross-site request forgery (CSRF) vulnerability in Jenkins Email Extension Plugin 2.96 and earlier allows attackers to make another user stop watching an attacker-specified job.