The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.7. It is, therefore, affected by multiple vulnerabilities including the following:
– Sandbox bypass vulnerability in Script Security Plugin (CVE-2023-24422)
– CSRF vulnerability in Gerrit Trigger Plugin (CVE-2023-24423)
– Session fixation vulnerability in OpenId Connect Authentication Plugin (CVE-2023-24424)
– Exposure of system-scoped Kubernetes credentials in Kubernetes Credentials Provider Plugin (CVE-2023-24425)
– Session fixation vulnerability in Azure AD Plugin (CVE-2023-24426)
– Session fixation vulnerability in Bitbucket OAuth Plugin (CVE-2023-24427)
– CSRF vulnerability in Bitbucket OAuth Plugin (CVE-2023-24428)
– Agent-to-controller security bypass in Semantic Versioning Plugin (CVE-2023-24429)
– XXE vulnerability on agents in Semantic Versioning Plugin (CVE-2023-24430)
– Missing permission checks in Orka by MacStadium Plugin allow enumerating credentials IDs (CVE-2023-24431)
– CSRF vulnerability and missing permission checks in Orka by MacStadium Plugin allow capturing credentials (CVE-2023-24432, CVE-2023-24433)
– CSRF vulnerability and missing permission checks in GitHub Pull Request Builder Plugin (CVE-2023-24434, CVE-2023-24435)
– Missing permission check in GitHub Pull Request Builder Plugin allows enumerating credentials IDs (CVE-2023-24436)
– CSRF vulnerability and missing permission checks in JIRA Pipeline Steps Plugin (CVE-2023-24437, CVE-2023-24438)
– Keys stored in plain text by JIRA Pipeline Steps Plugin (CVE-2023-24439, CVE-2023-24440)
– XXE vulnerability on agents in MSTest Plugin (CVE-2023-24441)
– Credentials stored in plain text by GitHub Pull Request Coverage Status Plugin (CVE-2023-24442)
– XXE vulnerability in TestComplete support Plugin (CVE-2023-24443)
– Session fixation vulnerability in OpenID Plugin (CVE-2023-24444)
– Open redirect vulnerability in OpenID Plugin (CVE-2023-24445)
– CSRF vulnerability in OpenID Plugin (CVE-2023-24446)
– CSRF vulnerability and missing permission check in RabbitMQ Consumer Plugin (CVE-2023-24447, CVE-2023-24448)
– Path traversal vulnerability in PWauth Security Realm Plugin (CVE-2023-24449)
– Passwords stored in plain text by view-cloner Plugin (CVE-2023-24450)
– Missing permission checks in Cisco Spark Notifier Plugin allow enumerating credentials IDs (CVE-2023-24451)
– CSRF vulnerability and missing permission check in TestQuality Updater Plugin (CVE-2023-24452, CVE-2023-24453)
– Password stored in plain text by TestQuality Updater Plugin (CVE-2023-24454)
– Path traversal vulnerability in visualexpert Plugin (CVE-2023-24455)
– Session fixation vulnerability in Keycloak Authentication Plugin (CVE-2023-24456)
– CSRF vulnerability in Keycloak Authentication Plugin (CVE-2023-24457)
– CSRF vulnerability and missing permission check in BearyChat Plugin (CVE-2023-24458, CVE-2023-24459)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.