SB2019030702 - SSRF in Jenkins Bitbar Run-in-Cloud plugin
Published: March 7, 2019
Security Bulletin ID
SB2019030702
Severity
Medium
Patch available
YES
Number of vulnerabilities
1
Exploitation vector
Remote access
Highest impact
Information disclosure
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 security vulnerability.
1) Server-side request forgery (CVE-ID: N/A)
The vulnerability allows a remote attacker to bypass certain security restrictions.
The vulnerability exists due to a missing permission check in a method performing both form validation and saving new configuration in Bitbar Run-in-Cloud Plugin. A remote attacker with Overall/Read access can initiate a Jenkins master to connect to an attacker-specified host with attacker-specified credentials, and, if successful, save that as the new configuration for the plugin.Successful exploitation of the vulnerability may result in future builds submitting their data to an unauthorized remote server.
Note, this vulnerability can be exploited via CSRF vector.
Remediation
Install update from vendor's website.