CVE-2023-49655

Name of the Vulnerable Software and Affected Versions Jenkins MATLAB Plugin versions 2.11.0 and earlier

Description A cross-site request forgery (CSRF) vulnerability allows attackers to have Jenkins parse an XML file from the Jenkins controller file system. The plugin determines whether a user-specified directory on the Jenkins controller is the location of a MATLAB installation by parsing an XML file in that directory. The plugin does not perform permission checks in several HTTP endpoints implementing related form validation, and these endpoints do not require POST requests. Additionally, the plugin does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing attackers to extract secrets from the Jenkins controller or perform server-side request forgery.

Recommendations For Jenkins MATLAB Plugin versions 2.11.0 and earlier, update to version 2.11.1 or later, which configures its XML parser to prevent XML external entity (XXE) attacks and requires POST requests and Item/Configure permission for the affected HTTP endpoints. As a temporary workaround, consider restricting access to the affected HTTP endpoints to minimize the risk of exploitation.