PT-2017-10796 · Github · Github Branch Source Plugin

Jesse Glick

Published 2017-10-04 · Updated 2022-05-17

CVE-2017-1000091

CVSS v2.0: 6.8 (Medium)

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: GitHub Branch Source Plugin (affected versions not specified)

Description: The GitHub Branch Source Plugin has functionality that connects to a user-specified GitHub API URL as part of form validation and completion. This functionality did not check permissions properly, allowing any user with Overall/Read access to Jenkins to make Jenkins connect to any web server and send it the credentials with a given credentials ID, so that the server could capture them. Because the endpoints did not require POST requests, the same actions could also be triggered without direct access to Jenkins via Cross-Site Request Forgery.

Recommendations: For the GitHub Branch Source Plugin, to mitigate the issue, consider requiring Extended Read permission (or Configure permission if Extended Read is not enabled) to access credentials in the context of a job. If no job context exists, require Overall/Administer permission. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
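As an added illustration, not code from the GitHub Branch Source Plugin, the checks the recommendation above describes, applied to a Jenkins form-validation endpoint; the class, method and parameter names are assumed for the example:

```java
// Added example, not code from the GitHub Branch Source Plugin: the checks the
// recommendation above describes, applied to a Jenkins form-validation endpoint.
// Class, method and parameter names are assumed for illustration.
import hudson.model.Item;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

public class ExampleGitHubSourceDescriptor {

    /** Throws AccessDeniedException unless the caller may use credentials here. */
    static void checkCredentialsAccess(Item context) {
        if (context == null) {
            // No job context: only Overall/Administer may make Jenkins connect out.
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        } else {
            // Extended Read is implied by Configure, so Configure satisfies this
            // check when Extended Read is not enabled on the instance.
            context.checkPermission(Item.EXTENDED_READ);
        }
    }

    /**
     * The vulnerable pattern was a method like this with no permission check and
     * no @RequirePOST: any Overall/Read user, or a GET link loaded cross-site,
     * could make Jenkins open apiUri with the credential named by credentialsId.
     */
    @RequirePOST  // GET is rejected, so a cross-site link cannot trigger the request
    public FormValidation doVerifyCredentials(@AncestorInPath Item context,
                                              @QueryParameter String apiUri,
                                              @QueryParameter String credentialsId) {
        checkCredentialsAccess(context);  // must run before any lookup or connection
        if (apiUri == null || apiUri.isEmpty()) {
            return FormValidation.error("API URL is required");
        }
        // Only now resolve credentialsId and connect to apiUri (omitted here).
        return FormValidation.ok();
    }
}
```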

CSRF


Weakness Enumeration

Related identifiers

CVE-2017-1000091
GHSA-W66R-F5GG-GQWM

Affected products

Github Branch Source Plugin
Jenkins