The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.17. It is, therefore, affected by multiple vulnerabilities including the following:
– CSRF vulnerability and missing permission checks in Code Dx Plugin (CVE-2023-2195, CVE-2023-2631)
– Missing permission checks in Code Dx Plugin (CVE-2023-2196)
– API keys stored and displayed in plain text by Code Dx Plugin (CVE-2023-2632, CVE-2023-2633)
– Stored XSS vulnerability in Pipeline: Job Plugin (CVE-2023-32977)
– CSRF vulnerability in LDAP Plugin (CVE-2023-32978)
– Missing permission check in Email Extension Plugin (CVE-2023-32979)
– CSRF vulnerability in Email Extension Plugin (CVE-2023-32980)
– Arbitrary file write vulnerability on agents in Pipeline Utility Steps Plugin (CVE-2023-32981)
– Secrets stored and displayed in plain text by Ansible Plugin (CVE-2023-32982, CVE-2023-32983)
– Stored XSS vulnerability in TestNG Results Plugin (CVE-2023-32984)
– Path traversal vulnerability in Sidebar Link Plugin (CVE-2023-32985)
– Arbitrary file write vulnerability in File Parameter Plugin (CVE-2023-32986)
– CSRF vulnerability in Reverse Proxy Auth Plugin (CVE-2023-32987)
– Missing permission check in Azure VM Agents Plugin allows enumerating credentials IDs (CVE-2023-32988)
– CSRF vulnerability and missing permission checks in Azure VM Agents Plugin (CVE-2023-32989, CVE-2023-32990)
– CSRF vulnerability and missing permission checks in SAML Single Sign On(SSO) Plugin allow XXE (CVE-2023-32991, CVE-2023-32992)
– Missing hostname validation in SAML Single Sign On(SSO) Plugin (CVE-2023-32993)
– SSL/TLS certificate validation unconditionally disabled by SAML Single Sign On(SSO) Plugin (CVE-2023-32994)
– CSRF vulnerability and missing permission check in SAML Single Sign On(SSO) Plugin (CVE-2023-32995, CVE-2023-32996)
– Session fixation vulnerability in CAS Plugin (CVE-2023-32997)
– CSRF vulnerability and missing permission check in AppSpider Plugin (CVE-2023-32998, CVE-2023-32999)
– Credentials displayed without masking by NS-ND Integration Performance Publisher Plugin (CVE-2023-33000)
– Improper masking of credentials in HashiCorp Vault Plugin (CVE-2023-33001)
– Stored XSS vulnerability in TestComplete support Plugin (CVE-2023-33002)
– CSRF vulnerability and missing permission checks in Tag Profiler Plugin (CVE-2023-33003, CVE-2023-33004)
– Session fixation vulnerability in WSO2 Oauth Plugin (CVE-2023-33005)
– CSRF vulnerability in WSO2 Oauth Plugin (CVE-2023-33006)
– Stored XSS vulnerability in LoadComplete support Plugin (CVE-2023-33007)
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.