CVE-2023-24438 - Vulnerability Details - OpenCVE

A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Jenkins	Jira Pipeline Steps

Configuration 1 [-]

cpe:2.3:a:jenkins:jira_pipeline_steps:*:*:*:*:*:jenkins:*:*

No data.

References

Link	Providers
https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786

History

Wed, 02 Apr 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2023-01-24T00:00:00.000Z

Updated: 2025-04-02T13:57:41.156Z

Reserved: 2023-01-23T00:00:00.000Z

Link: CVE-2023-24438

Vulnrichment

Updated: 2024-08-02T10:56:04.155Z

NVD

Status : Modified

Published: 2023-01-26T21:18:17.723

Modified: 2025-04-02T14:15:38.830

Link: CVE-2023-24438

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2023-24438", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "dateUpdated": "2025-04-02T13:57:41.156Z", "dateReserved": "2023-01-23T00:00:00.000Z", "datePublished": "2023-01-24T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"product": "Jenkins JIRA Pipeline Steps Plugin", "vendor": "Jenkins Project", "versions": [{"lessThanOrEqual": "2.0.165.v8846cf59f3db", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThan": "unspecified", "status": "unknown", "version": "next of 2.0.165.v8846cf59f3db", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T12:48:28.552Z"}, "references": [{"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:56:04.155Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786", "tags": ["x_transferred"]}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-862", "lang": "en", "description": "CWE-862 Missing Authorization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2025-04-02T13:57:15.417826Z", "id": "CVE-2023-24438", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-02T13:57:41.156Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T10:56:04.155Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-24438", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-04-02T13:57:15.417826Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-862", "description": "CWE-862 Missing Authorization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-02T13:57:37.218Z"}}], "cna": {"affected": [{"vendor": "Jenkins Project", "product": "Jenkins JIRA Pipeline Steps Plugin", "versions": [{"status": "affected", "version": "unspecified", "versionType": "custom", "lessThanOrEqual": "2.0.165.v8846cf59f3db"}, {"status": "unknown", "version": "next of 2.0.165.v8846cf59f3db", "lessThan": "unspecified", "versionType": "custom"}]}], "references": [{"url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786"}], "descriptions": [{"lang": "en", "value": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T12:48:28.552Z"}}}, "cveMetadata": {"cveId": "CVE-2023-24438", "state": "PUBLISHED", "dateUpdated": "2025-04-02T13:57:41.156Z", "dateReserved": "2023-01-23T00:00:00.000Z", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "datePublished": "2023-01-24T00:00:00.000Z", "assignerShortName": "jenkins"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jira_pipeline_steps:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "DA2750F7-7098-4B8F-99BA-D60EACDB441F", "versionEndIncluding": "2.0.165.v8846cf59f3db", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A missing permission check in Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins."}, {"lang": "es", "value": "Una verificaci\u00f3n de permiso faltante en el complemento JIRA Pipeline Steps de Jenkins en su versi\u00f3n 2.0.165.v8846cf59f3db y anteriores permite a atacantes con permiso general/lectura conectarse a una URL especificada por el atacante utilizando ID de credenciales especificadas por el atacante obtenidas a trav\u00e9s de otro m\u00e9todo, capturando las credenciales almacenadas en Jenkins."}], "id": "CVE-2023-24438", "lastModified": "2025-04-02T14:15:38.830", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2023-01-26T21:18:17.723", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2023-01-24/#SECURITY-2786"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-862"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}