Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2024-23898

UNKNOWN
Published 2024-01-24T17:52:23.492Z
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2024-23898. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability, allowing attackers to execute CLI commands on the Jenkins controller.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Jenkins Project

Jenkins

Affected Versions:

0 2.442 2.426.3 2.440.1

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

✓ GitHub Reviewed HIGH

Cross-site WebSocket hijacking vulnerability in the Jenkins CLI

GHSA-53ph-2r2x-vqw8

Advisory Details

Jenkins has a built-in command line interface (CLI) to access Jenkins from a script or shell environment. Since Jenkins 2.217 and LTS 2.222.1, one of the ways to communicate with the CLI is through a WebSocket endpoint. This endpoint relies on the default Jenkins web request authentication functionality, like HTTP Basic authentication with API tokens, or session cookies. This endpoint is enabled when running on a version of Jetty for which Jenkins supports WebSockets. This is the case when using the provided native installers, packages, or the Docker containers, as well as when running Jenkins with the command java -jar jenkins.war. Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does not perform origin validation of requests made through the CLI WebSocket endpoint, resulting in a cross-site WebSocket hijacking (CSWSH) vulnerability.

Affected Packages

Maven org.jenkins-ci.main:jenkins-core
ECOSYSTEM: ≥2.217 <2.426.3
Maven org.jenkins-ci.main:jenkins-core
ECOSYSTEM: ≥2.427 <2.442
Maven org.jenkins-ci.main:jenkins-core

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2024-23898
WEB https://github.com/jenkinsci/jenkins/commit/de450967f38398169650b55c002f1229a3fcdb1b
PACKAGE https://github.com/jenkinsci/jenkins
WEB https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315
WEB https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins
WEB http://www.openwall.com/lists/oss-security/2024/01/24/6

Advisory provided by GitHub Security Advisory Database. Published: January 24, 2024, Modified: May 14, 2024

References

https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3315
https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/
http://www.openwall.com/lists/oss-security/2024/01/24/6
Published: 2024-01-24T17:52:23.492Z
Last Modified: 2024-08-01T23:13:08.509Z
Copied to clipboard!