Allele Security Alert
ASA-2019-00610
Identifier(s)
ASA-2019-00610, CVE-2019-10470, SECURITY-1005 (2)
Title
Users with Overall/Read access could enumerate credential IDs
Vendor(s)
Gustavo Llorente
Guillermo Sanchez Urien
Product(s)
Jenkins ElasticBox Kubernetes CI/CD Plugin
Affected version(s)
Jenkins ElasticBox Kubernetes CI/CD Plugin versions up to and including 1.3
Fixed version(s)
Unknown
Proof of concept
Unknown
Description
Jenkins ElasticBox Kubernetes CI/CD Plugin provides a list of applicable credential IDs so that users configuring the plugin can select the one to use.
This functionality does not correctly check permissions, allowing any user with Overall/Read permission to obtain a list of valid credential IDs. Those IDs can be used as part of an attack to capture the credentials using another vulnerability.
Technical details
Unknown
Credits
Oleg Nenashev (CloudBees, Inc)
Reference(s)
Jenkins Security Advisory 2019-10-23
https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1005 (2)
Jenkins security advisory
https://groups.google.com/d/msg/jenkinsci-advisories/KCv6eDsiV3Y/GNr0aDC3AQAJ
oss-security – Multiple vulnerabilities in Jenkins plugins
https://www.openwall.com/lists/oss-security/2019/10/23/2
Jenkins Plugins
https://plugins.jenkins.io/kubernetes-ci
CVE-2019-10470
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10470
CVE-2019-10470
https://nvd.nist.gov/vuln/detail/CVE-2019-10470
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: December 6, 2019