PT-2023-26209 · Mathworks+1 · Jenkins Mathworks Polyspace Plugin+1

Atorralba

Published

2023-07-12

Updated

2023-07-20

CVE-2023-37960

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Jenkins MathWorks Polyspace Plugin versions 1.0.5 and earlier

Description The issue allows attackers with Item/Configure permission to send emails with arbitrary files from the Jenkins controller file system. This is due to the lack of restriction on the path of attached files in the Polyspace Notification post-build step.

Recommendations For Jenkins MathWorks Polyspace Plugin versions 1.0.5 and earlier, consider restricting access to the Polyspace Notification post-build step to prevent attackers from sending emails with arbitrary files. As a temporary workaround, restrict the Item/Configure permission to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2023-37960

GHSA-Q6CQ-8R4J-6RJ5

Affected Products

Jenkins

Jenkins Mathworks Polyspace Plugin

PT-2023-26209 · Mathworks+1 · Jenkins Mathworks Polyspace Plugin+1

CVE-2023-37960

Weakness Enumeration

Related Identifiers

Affected Products

References · 7