PT-2023-5390 · Jenkins+1

Daniel Beck · Published 2023-09-19 · Updated 2025-05-02 · CVE-2023-43496

CVSS v3.1: 8.8 (High)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.423 and earlier, LTS versions 2.414.1 and earlier

Description: When installing a plugin from a URL, Jenkins creates a temporary file in the system temporary directory with default permissions. This potentially allows attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, resulting in arbitrary code execution. The vulnerability is particularly relevant on operating systems that use a shared temporary directory for all users, such as Linux. However, the default permissions for newly created files generally only allow attackers to read the temporary file, not write to it.

Recommendations: For Jenkins versions 2.423 and earlier and LTS versions 2.414.1 and earlier, update to Jenkins 2.424 or LTS 2.414.2, which creates the temporary file in a subdirectory with more restrictive permissions. As a temporary workaround for those unable to update Jenkins immediately, consider changing the default temporary-file directory via the Java system property java.io.tmpdir to minimize the risk of exploitation.
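The description and fix above contrast a temporary file created directly in the shared system temporary directory with one created in a private subdirectory with more restrictive permissions. The Java snippet below is an added illustration of that pattern; it is not Jenkins' own code and not the fix shipped in 2.424 or 2.414.2. The class name, method names, file prefixes and the pre-install `safeToInstall` check are assumptions made for the example.

```java
import java.io.IOException;
import java.nio.file.FileStore;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;
import java.nio.file.attribute.FileAttribute;
import java.nio.file.attribute.PosixFilePermission;
import java.nio.file.attribute.PosixFilePermissions;
import java.util.Set;

/**
 * Illustrative only (not Jenkins code): contrasts a temp file dropped straight into the
 * shared system temp directory with a hardened variant that first creates an owner-only
 * subdirectory, then adds a check a consumer can run before trusting the file.
 */
public class PluginTempFileDemo {

    /** Risky pattern: the file lands directly in java.io.tmpdir (e.g. /tmp on Linux). */
    static Path downloadTargetInSharedTmp() throws IOException {
        // Whatever mode bits the file itself gets, the directory is shared with every local user.
        return Files.createTempFile("plugin-download-", ".jpi");
    }

    /** Hardened pattern: owner-only subdirectory under java.io.tmpdir, then the file inside it. */
    static Path downloadTargetInPrivateDir() throws IOException {
        Path tmpRoot = Path.of(System.getProperty("java.io.tmpdir"));
        if (supportsPosix(tmpRoot)) {
            FileAttribute<Set<PosixFilePermission>> dirPerms =
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rwx------"));
            Path dir = Files.createTempDirectory(tmpRoot, "plugin-download-", dirPerms);
            FileAttribute<Set<PosixFilePermission>> filePerms =
                PosixFilePermissions.asFileAttribute(PosixFilePermissions.fromString("rw-------"));
            return Files.createTempFile(dir, "plugin-", ".jpi", filePerms);
        }
        // Non-POSIX file system (e.g. NTFS): permissions are ACL-based and inherited, but the
        // file is still isolated in its own subdirectory rather than the shared root.
        Path dir = Files.createTempDirectory(tmpRoot, "plugin-download-");
        return Files.createTempFile(dir, "plugin-", ".jpi");
    }

    static boolean supportsPosix(Path p) throws IOException {
        FileStore store = Files.getFileStore(p);
        return store.supportsFileAttributeView("posix");
    }

    /**
     * Pre-install check (assumed for this example): only trust the downloaded file if it is
     * a regular file (not a symlink), owned by the current user, and neither the file nor its
     * parent directory grants any access to group or others.
     */
    static boolean safeToInstall(Path file) throws IOException {
        if (Files.isSymbolicLink(file) || !Files.isRegularFile(file, LinkOption.NOFOLLOW_LINKS)) {
            return false;
        }
        if (!supportsPosix(file)) {
            return true; // no POSIX mode bits to inspect; platform ACLs apply instead
        }
        String me = System.getProperty("user.name");
        if (!Files.getOwner(file, LinkOption.NOFOLLOW_LINKS).getName().equals(me)) {
            return false;
        }
        return ownerOnly(file) && ownerOnly(file.getParent());
    }

    /** True when no group or world permission bit is set on the path. */
    private static boolean ownerOnly(Path p) throws IOException {
        for (PosixFilePermission perm : Files.getPosixFilePermissions(p, LinkOption.NOFOLLOW_LINKS)) {
            if (perm != PosixFilePermission.OWNER_READ
                    && perm != PosixFilePermission.OWNER_WRITE
                    && perm != PosixFilePermission.OWNER_EXECUTE) {
                return false;
            }
        }
        return true;
    }

    public static void main(String[] args) throws IOException {
        Path shared = downloadTargetInSharedTmp();
        Path isolated = downloadTargetInPrivateDir();
        // On Linux with a world-writable /tmp the shared file fails the parent-directory check.
        System.out.println(shared + " safe to install? " + safeToInstall(shared));
        System.out.println(isolated + " safe to install? " + safeToInstall(isolated));
        Files.deleteIfExists(shared);
        Files.deleteIfExists(isolated);
        Files.deleteIfExists(isolated.getParent());
    }
}
```

Both variants resolve the root from `java.io.tmpdir`, so the workaround named in the recommendations (pointing that property elsewhere) changes where either file is created; the hardened variant additionally removes the dependence on the root directory's permissions by owning the subdirectory it writes into.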

Fix

Weakness Enumeration

Incorrect Default Permissions

Related Identifiers

BDU:2023-06018
BIT-JENKINS-2023-43496
CVE-2023-43496
GHSA-55WP-3PQ4-W8P9

Affected Products

Jenkins
Red Os