Allele Security Alert
ASA-2019-00613
Identifier(s)
ASA-2019-00613, CVE-2019-10473, SECURITY-1014 (2)
Title
Users with Overall/Read access could enumerate credential IDs
Vendor(s)
Philipp Bartsch
Marco Mornati
Nigel Magnay
Product(s)
Jenkins Libvirt Slaves Plugin
Affected version(s)
Jenkins Libvirt Slaves Plugin versions up to and including 1.8.5
Fixed version(s)
Unknown
Proof of concept
Unknown
Description
Jenkins Libvirt Slaves Plugin provides a list of applicable credential IDs to allow users configuring the plugin to select the one to use.
This functionality does not correctly check permissions, allowing any user with Overall/Read permission to obtain a list of valid credential IDs. Those IDs can be used as part of an attack to capture the credentials using another vulnerability.
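The description above is all this page states about the flaw; the plugin's own source is not reproduced here. What follows is an added illustrative example, not code from the Libvirt Slaves Plugin, showing the pattern the advisory describes beside the standard hardened form for a global (cloud) setting in a Jenkins plugin: a Stapler "doFill...Items" method that lists credential IDs. The class name, method names, the use of the global (cloud) scope, and the credential type (StandardUsernameCredentials) are assumptions made for the example.

```java
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;
import com.cloudbees.plugins.credentials.domains.DomainRequirement;
import hudson.security.ACL;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;

import java.util.Collections;

/**
 * Hypothetical descriptor for a cloud-style plugin setting (illustrative only;
 * not the Libvirt Slaves Plugin's own code). Both methods are Stapler
 * "doFill*Items" form helpers: Jenkins routes an HTTP request from the
 * configuration page to them, so any authenticated user who can reach the
 * web UI can also call them directly, regardless of whether the UI would
 * ever show that user the configuration form.
 */
public class HypervisorCredentialsExample {

    /**
     * Vulnerable pattern: every credential ID visible to the SYSTEM
     * authentication is returned, with no check on who is asking.
     * A user holding only Overall/Read can call this and enumerate IDs.
     */
    public ListBoxModel doFillCredentialsIdItemsUnchecked(@QueryParameter String credentialsId) {
        return new StandardListBoxModel()
                .includeEmptyValue()
                .includeMatchingAs(
                        ACL.SYSTEM,                        // lookup runs with full privileges
                        Jenkins.get(),                     // global (cloud) scope, assumed
                        StandardUsernameCredentials.class, // credential type, assumed
                        Collections.<DomainRequirement>emptyList(),
                        CredentialsMatchers.always())
                .includeCurrentValue(credentialsId);
    }

    /**
     * Hardened pattern: only callers who may configure a cloud
     * (Overall/Administer) receive the list. Anyone else gets back only the
     * value they themselves submitted, so no new credential ID is disclosed.
     */
    public ListBoxModel doFillCredentialsIdItems(@QueryParameter String credentialsId) {
        StandardListBoxModel result = new StandardListBoxModel();
        if (!Jenkins.get().hasPermission(Jenkins.ADMINISTER)) {
            // Permission check happens before any credential lookup.
            return result.includeCurrentValue(credentialsId);
        }
        return result
                .includeEmptyValue()
                .includeMatchingAs(
                        ACL.SYSTEM,
                        Jenkins.get(),
                        StandardUsernameCredentials.class,
                        Collections.<DomainRequirement>emptyList(),
                        CredentialsMatchers.always())
                .includeCurrentValue(credentialsId);
    }
}
```

The essential point is the order of operations in the hardened method: the permission check runs before the privileged lookup, and the early-return branch echoes only the caller-supplied credentialsId rather than any stored ID. A setting scoped to a job or node rather than to the whole instance would check that item's permissions instead of Overall/Administer, but the shape of the fix is the same.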
Technical details
Unknown
Credits
Oleg Nenashev (CloudBees, Inc)
Reference(s)
Jenkins Security Advisory 2019-10-23
https://jenkins.io/security/advisory/2019-10-23/#SECURITY-1014 (2)
Jenkins security advisory
https://groups.google.com/d/msg/jenkinsci-advisories/KCv6eDsiV3Y/GNr0aDC3AQAJ
oss-security – Multiple vulnerabilities in Jenkins plugins
https://www.openwall.com/lists/oss-security/2019/10/23/2
Jenkins Plugins
https://plugins.jenkins.io/libvirt-slave
CVE-2019-10473
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10473
CVE-2019-10473
https://nvd.nist.gov/vuln/detail/CVE-2019-10473
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: December 5, 2019