#VU80937 Incorrect default permissions in Jenkins and Jenkins LTS - CVE-2023-43496


Vulnerability identifier: #VU80937

Vulnerability risk: Low

CVSSv4.0: 4.4 [CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-43496

CWE-ID: CWE-276

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Jenkins
Server applications / Application servers
Jenkins LTS
Server applications / Application servers

Vendor: Jenkins

Description

The vulnerability allows a local user to execute arbitrary code on the system.

The vulnerability exists due to the affected plugin creates the temporary file in the system temporary directory with the default permissions for newly created files. A local user can view contents of files and directories and execute arbitrary code on the target system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Jenkins: 1 - 240

Jenkins LTS: 1.409.1 - 2.414.1

External links
https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072
https://www.openwall.com/lists/oss-security/2023/09/20/5

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Oracle Communications Cloud Native Core Network Slice Selection Function
Multiple vulnerabilities in Oracle Communications Cloud Native Core Network Repository Function
Multiple vulnerabilities in Oracle Communications Cloud Native Core Automated Test Suite
Multiple vulnerabilities in Oracle Communications Cloud Native Core Security Edge Protection Proxy
Multiple vulnerabilities in IBM Cloud Pak for Business Automation
Multiple vulnerabilities in IBM Automation Decision Services
Multiple vulnerabilities in Jenkins and Jenkins LTS