1. Home
  2. Security Advisories
  3. Jenkins
  4. JENKINS:SECURITY-2790-2

[JENKINS:SECURITY-2790-2] CSRF vulnerability and missing permission check in `coverity` allow capturing credentials

Severity High
Affected Packages 2
CVEs 2
Info Packages References Vulnerabilities

coverity 1.11.4 and earlier does not perform a permission check in an HTTP endpoint.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Additionally, this HTTP endpoint does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

As of publication of this advisory, there is no fix.

Package Affected Version
pkg:maven/org.jenkins-ci.plugins/coverity <= 1.11.4
pkg:github/jenkinsci/coverity-plugin <= 1.11.4
ID
JENKINS:SECURITY-2790-2
Severity
high
Published
2022-07-27T00:00:00
(2 years ago)
Modified
2022-07-27T00:00:00
(2 years ago)
Rights
Jenkins Security Team
Other Advisories
Source # ID Name URL
Plugin repository coverity repository https://github.com/jenkinsci/coverity-plugin
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:maven/org.jenkins-ci.plugins/coverity org.jenkins-ci.plugins coverity <= 1.11.4
Affected pkg:github/jenkinsci/coverity-plugin jenkinsci coverity-plugin <= 1.11.4
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date