{"containers": {"cna": {"affected": [{"product": "Jenkins Matrix Project Plugin", "vendor": "Jenkins project", "versions": [{"status": "affected", "version": "1.13 and earlier"}]}], "dateAssigned": "2019-03-06T00:00:00", "datePublic": "2019-03-08T00:00:00", "descriptions": [{"lang": "en", "value": "A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T16:45:06.564Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339"}, {"name": "107476", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107476"}, {"name": "RHSA-2019:0739", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0739"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "DATE_ASSIGNED": "2019-03-06T22:44:37.384911", "ID": "CVE-2019-1003031", "REQUESTER": "ml@beckweb.net", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins Matrix Project Plugin", "version": {"version_data": [{"version_value": "1.13 and earlier"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-693"}]}]}, "references": {"reference_data": [{"name": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339"}, {"name": "107476", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107476"}, {"name": "RHSA-2019:0739", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0739"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T03:00:19.269Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339"}, {"name": "107476", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/107476"}, {"name": "RHSA-2019:0739", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0739"}]}]}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2019-1003031", "datePublished": "2019-03-08T21:00:00", "dateReserved": "2019-03-08T00:00:00", "dateUpdated": "2024-08-05T03:00:19.269Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:matrix_project:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "40E738F7-FAE2-4961-A57B-6EBA6A0C5EDC", "versionEndIncluding": "1.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*", "matchCriteriaId": "2F87326E-0B56-4356-A889-73D026DB1D4B", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM."}, {"lang": "es", "value": "Existe una vulnerabilidad de omisi\u00f3n de sandbox en el plugin Jenkins Matrix Project, en versiones 1.13 y anteriores, en pom.xml, src/main/java/hudson/matrix/FilterScript.java, que permite a los atacantes con permisos de \"Job/Configure\" ejecutar c\u00f3digo arbitrario en el maestro JVM de Jenkins."}], "id": "CVE-2019-1003031", "lastModified": "2023-10-25T18:16:03.140", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-08T21:29:00.373", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107476"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0739"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0739", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-2-plugins-0:3.11.1552336312-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2019-04-10T00:00:00Z"}], "bugzilla": {"description": "jenkins-matrix-project-plugin: sandbox bypass in matrix project plugin", "id": "1689886", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1689886"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-96", "details": ["A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM.", "A flaw was found in the Jenkins Matrix Project plugin version 1.13. An attacker with Job/Configure permission can bypass the sandbox and can execute arbitrary code on the Jenkins master JVM. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2019-1003031", "package_state": [{"cpe": "cpe:/a:redhat:openshift:3.10", "fix_state": "Will not fix", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 3.10"}, {"cpe": "cpe:/a:redhat:openshift:3.6", "fix_state": "Will not fix", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 3.6"}, {"cpe": "cpe:/a:redhat:openshift:3.7", "fix_state": "Will not fix", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 3.7"}, {"cpe": "cpe:/a:redhat:openshift:3.9", "fix_state": "Will not fix", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 3.9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "jenkins-2-plugins", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2019-03-06T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-1003031\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-1003031\nhttps://jenkins.io/security/advisory/2019-03-06/#SECURITY-1339"], "threat_severity": "Important", "upstream_fix": "jenkins-plugin-matrix-project 1.14"}