CVE-2023-27899

Name of the Vulnerable Software and Affected Versions Jenkins versions 2.393 and earlier Jenkins LTS versions 2.375.3 and earlier

Description The issue arises when Jenkins creates a temporary file in the default temporary directory with default permissions for newly created files during plugin installation. This potentially allows attackers with access to the Jenkins controller file system to read and write the file before it is used, which could result in arbitrary code execution. The vulnerability is particularly relevant on operating systems that use a shared temporary directory for all users, such as Linux. Typically, the default permissions only allow attackers to read the temporary file.

Recommendations For Jenkins versions 2.393 and earlier, update to version 2.394 or later to resolve the issue. For Jenkins LTS versions 2.375.3 and earlier, update to version 2.375.4 or later, or version 2.387.1 or later, to resolve the issue. As a temporary workaround for those unable to immediately update Jenkins, consider setting a different path as the default temporary directory using the Java system property java.io.tmpdir.