PT-2023-28175 · Jenkins · Jenkins Bitbucket Push/Pull Request Plugin+1

Alvaro Muã±Oz

Published

2023-09-06

Updated

2023-09-11

CVE-2023-41937

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Jenkins Bitbucket Push and Pull Request Plugin versions 2.4.0 through 2.8.3

Description The issue allows attackers to capture Bitbucket credentials stored in Jenkins by sending a crafted webhook payload. This is possible because the plugin trusts values provided in the webhook payload, including certain URLs, and uses configured Bitbucket credentials to connect to those URLs.

Recommendations For Jenkins Bitbucket Push and Pull Request Plugin versions 2.4.0 through 2.8.3, update to a version that fixes the issue, as the current versions trust values provided in the webhook payload, allowing potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

SSRF

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-918

Related Identifiers

CVE-2023-41937

GHSA-VRPG-C7C4-8MPX

Affected Products

Jenkins

Jenkins Bitbucket Push/Pull Request Plugin

PT-2023-28175 · Jenkins · Jenkins Bitbucket Push/Pull Request Plugin+1

CVE-2023-41937

Weakness Enumeration

Related Identifiers

Affected Products

References · 11