PT-2018-5173 · Cloudbees+1 · Jenkins

Darren Zhao

Published

2018-01-26

Updated

2022-05-14

CVE-2017-1000391

CVSS v3.1

7.3

High

Vector

AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions Jenkins versions 2.88 and earlier Jenkins versions 2.73.2 and earlier

Description The issue arises from how Jenkins stores metadata related to 'people', which includes actual user accounts and users from SCM, in directories on disk. These directories are named using the user ID without any additional escaping, which could lead to issues such as overwriting unrelated configuration files.

Recommendations For Jenkins versions 2.88 and earlier, update to a version later than 2.88 to resolve the issue. For Jenkins versions 2.73.2 and earlier, update to a version later than 2.73.2 to resolve the issue.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2017-1000391

GHSA-WFJ3-535M-P6FX

Affected Products

Jenkins

PT-2018-5173 · Cloudbees+1 · Jenkins

CVE-2017-1000391

Weakness Enumeration

Related Identifiers

Affected Products

References · 7