[JENKINS:SECURITY-984-1] CSRF vulnerability and missing permission checks in HipChat Plugin allowed capturing credentials

Severity Medium
Affected Packages 2
Fixed Packages 2
CVEs 1

HipChat Plugin did not perform permission checks on a method that sends test notifications.
This allowed users with Overall/Read access to Jenkins to connect to an attacker-specified HipChat server using attacker-specified connection settings and credentials IDs obtained through another method, thereby capturing credentials stored in Jenkins and submitting messages to HipChat.

Additionally, this form validation method did not require POST requests, resulting in a cross-site request forgery vulnerability.

This form validation method now requires POST requests and Overall/Administer permission.
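The pattern the advisory describes, shown as an added illustration rather than code from hipchat-plugin: a form validation method that resolves a stored credential and contacts a caller-supplied server, first in the unchecked shape and then with the POST requirement and Overall/Administer check that the fix introduces. The method name `doTestConnection`, the `@QueryParameter` names and the `sendTest` helper are assumptions; the Jenkins, Stapler and credentials-plugin APIs used are real.

```java
// Added illustration, not the plugin's source. doTestConnection*, the parameter
// names and sendTest are assumed; Jenkins/Stapler/credentials APIs are real.
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import hudson.security.ACL;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.jenkinsci.plugins.plaincredentials.StringCredentials;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;
import java.net.URI;
import java.net.http.HttpClient;
import java.net.http.HttpRequest;
import java.net.http.HttpResponse;
import java.util.Collections;

public class HipChatDescriptorExample {

    // BEFORE: reachable via GET by any Overall/Read user; server and credentials ID
    // are caller-controlled, so the resolved secret is sent wherever the caller says.
    public FormValidation doTestConnectionUnchecked(@QueryParameter String server,
                                                    @QueryParameter String credentialsId) {
        return sendTest(server, lookupToken(credentialsId));
    }

    // AFTER: POST-only (a cross-site GET cannot trigger it) and gated on
    // Overall/Administer BEFORE any stored secret is resolved.
    @RequirePOST
    public FormValidation doTestConnection(@QueryParameter String server,
                                           @QueryParameter String credentialsId) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER); // throws AccessDeniedException
        return sendTest(server, lookupToken(credentialsId));
    }

    // Resolves a StringCredentials secret by ID from the global credentials store.
    private static String lookupToken(String credentialsId) {
        StringCredentials c = CredentialsMatchers.firstOrNull(
            CredentialsProvider.lookupCredentials(StringCredentials.class, Jenkins.get(),
                ACL.SYSTEM, Collections.emptyList()),
            CredentialsMatchers.withId(credentialsId));
        return c == null ? "" : c.getSecret().getPlainText();
    }

    // Assumed helper: posts a test notification with the token as a bearer credential.
    private static FormValidation sendTest(String server, String token) {
        try {
            HttpRequest req = HttpRequest.newBuilder(URI.create(server + "/v2/room/jenkins/notification"))
                .header("Authorization", "Bearer " + token)
                .POST(HttpRequest.BodyPublishers.ofString("{\"message\":\"Jenkins test\"}")).build();
            HttpResponse<String> rsp = HttpClient.newHttpClient().send(req, HttpResponse.BodyHandlers.ofString());
            return rsp.statusCode() / 100 == 2 ? FormValidation.ok("Connected") : FormValidation.error("HTTP " + rsp.statusCode());
        } catch (Exception e) { return FormValidation.error(e, "Connection failed"); }
    }
}
```

The POST requirement alone is not sufficient: it stops the cross-site case, but only the permission check, placed before the credential lookup, stops an authenticated Overall/Read user from directing a stored secret to a server of their choosing.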

ID: JENKINS:SECURITY-984-1
Severity: medium
Published: 2018-09-25T00:00:00
Modified: 2018-09-25T00:00:00
Rights: Jenkins Security Team
Other Advisories
Source: Plugin repository; Name: hipchat repository; URL: https://github.com/jenkinsci/hipchat-plugin

Packages
Affected: pkg:maven/org.jenkins-ci.plugins/hipchat (namespace org.jenkins-ci.plugins, name hipchat), version <= 2.2.0
Fixed: pkg:maven/org.jenkins-ci.plugins/hipchat (namespace org.jenkins-ci.plugins, name hipchat), version = 2.2.1
Affected: pkg:github/jenkinsci/hipchat-plugin (namespace jenkinsci, name hipchat-plugin), version <= 2.2.0
Fixed: pkg:github/jenkinsci/hipchat-plugin (namespace jenkinsci, name hipchat-plugin), version = 2.2.1