{"containers": {"cna": {"affected": [{"product": "Jenkins", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "2.213", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"lessThanOrEqual": "LTS 2.204.1", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T16:04:53.193Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}, {"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"name": "RHSA-2020:0681", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"name": "RHSA-2020:0683", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"name": "RHBA-2020:0402", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"name": "RHBA-2020:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHBA-2020:0675"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2020-2099", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins", "version": {"version_data": [{"version_affected": "<=", "version_value": "2.213"}, {"version_affected": "<=", "version_value": "LTS 2.204.1"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-323: Reusing a Nonce, Key Pair in Encryption"}]}]}, "references": {"reference_data": [{"name": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682", "refsource": "CONFIRM", "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}, {"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"name": "RHSA-2020:0681", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"name": "RHSA-2020:0683", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"name": "RHBA-2020:0402", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"name": "RHBA-2020:0675", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHBA-2020:0675"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T07:01:39.729Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}, {"name": "[oss-security] 20200129 Multiple vulnerabilities in Jenkins and Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"name": "RHSA-2020:0681", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"name": "RHSA-2020:0683", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"name": "RHBA-2020:0402", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"name": "RHBA-2020:0675", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHBA-2020:0675"}]}]}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2020-2099", "datePublished": "2020-01-29T15:15:27", "dateReserved": "2019-12-05T00:00:00", "dateUpdated": "2024-08-04T07:01:39.729Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "EAACE161-BE2D-4BB8-9795-3D76F19433C1", "versionEndIncluding": "2.204.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "F0F83033-6C48-4AF2-BB2A-157A09D79538", "versionEndIncluding": "2.218", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents."}, {"lang": "es", "value": "Jenkins versiones 2.213 y anteriores, versiones LTS 2.204.1 y anteriores, reutilizan inapropiadamente los par\u00e1metros de clave de cifrado en el Inbound TCP Agent Protocol/3, permitiendo a atacantes no autorizados con conocimiento de los nombres de los agentes obtener los secretos de conexi\u00f3n para esos agentes, que pueden ser usados para conectar con Jenkins , haci\u00e9ndose pasar por esos agentes."}], "id": "CVE-2020-2099", "lastModified": "2023-10-25T18:16:29.113", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-29T16:15:12.037", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2020/01/29/1"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHBA-2020:0402"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHBA-2020:0675"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHSA-2020:0681"}, {"source": "jenkinsci-cert@googlegroups.com", "url": "https://access.redhat.com/errata/RHSA-2020:0683"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://jenkins.io/security/advisory/2020-01-29/#SECURITY-1682"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-330"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-enterprise-service-catalog-1:3.11.170-1.git.1.91db82e.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-0:3.11.170-1.git.0.00cac56.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-cluster-autoscaler-0:3.11.170-1.git.1.0a0df6a.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-descheduler-0:3.11.170-1.git.1.9ad83f2.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-dockerregistry-0:3.11.170-1.git.1.55fab05.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-metrics-server-0:3.11.170-1.git.1.357f177.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-node-problem-detector-0:3.11.170-1.git.1.b1f90a6.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-service-idler-0:3.11.170-1.git.1.8328979.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "atomic-openshift-web-console-0:3.11.170-1.git.1.3d64e8b.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "cri-o-0:1.11.16-0.5.dev.rhaos3.11.git3f89eba.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-openshift-oauth-proxy-0:3.11.170-1.git.1.b49be83.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-alertmanager-0:3.11.170-1.git.1.61d7960.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-node_exporter-0:3.11.170-1.git.1.51473b7.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "golang-github-prometheus-prometheus-0:3.11.170-1.git.1.227bc98.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-0:2.204.2.1580891656-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "jenkins-2-plugins-0:3.11.1579107288-1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-ansible-0:3.11.170-2.git.5.8802564.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-enterprise-autoheal-0:3.11.170-1.git.1.dfe6c52.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-enterprise-cluster-capacity-0:3.11.170-1.git.1.661684b.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0402", "cpe": "cpe:/a:redhat:openshift:3.11::el7", "package": "openshift-kuryr-0:3.11.170-1.git.1.7265da1.el7", "product_name": "Red Hat OpenShift Container Platform 3.11", "release_date": "2020-02-19T00:00:00Z"}, {"advisory": "RHBA-2020:0675", "cpe": "cpe:/a:redhat:openshift:4.3::el7", "package": "jenkins-0:2.204.2.1583446818-1.el7", "product_name": "Red Hat OpenShift Container Platform 4.3", "release_date": "2020-03-10T00:00:00Z"}], "bugzilla": {"description": "jenkins: Inbound TCP Agent Protocol/3 authentication bypass", "id": "1797080", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1797080"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.6", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:L", "status": "verified"}, "cwe": "CWE-305", "details": ["Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents.", "A flaw was found in Jenkins. Encryption key parameters are improperly reused in the Inbound TCP Agent Protocol/3 allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents. The highest threat from this vulnerability is to data confidentiality."], "name": "CVE-2020-2099", "public_date": "2020-01-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-2099\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-2099"], "threat_severity": "Important", "upstream_fix": "jenkins 2.219, jenkins LTS 2.204.2"}