PT-2020-15508 · Jenkins · Jenkins Script Security Plugin+4
Daniel Beck
+1
·
Published
2020-09-23
·
Updated
2023-10-25
·
CVE-2020-2279
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Jenkins Script Security Plugin versions 1.74 and earlier
Description
A sandbox bypass issue allows attackers with permission to define sandboxed scripts to execute arbitrary code on the Jenkins controller JVM. This is possible due to the ability of sandboxed scripts to communicate results through return values or script binding content. The vulnerability enables attackers to bypass sandbox protection, resulting in arbitrary code execution.
Recommendations
For Jenkins Script Security Plugin versions 1.74 and earlier, update to version 1.75 or later to resolve the issue. Additionally, to ensure compatibility with this update, consider upgrading the following plugins to the specified versions:
- Email Extension Plugin to version 2.77 or newer
- Warnings Next Generation Plugin to version 8.4.3 or newer
- Warnings Plugin to version 5.0.2 or newer
As a temporary workaround, consider converting script return values or script binding content to a known safe type, such as
String, inside the sandboxed script to prevent potential issues with invocations of sandboxed scripts.
Exploit
Fix
Protection Mechanism Failure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Email Extension Plugin
Jenkins
Jenkins Script Security Plugin
Warnings Next Generation Plugin
Warnings Plugin