OpenCVE

Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jenkins	Deployer Framework

Configuration 1 [-]

cpe:2.3:a:jenkins:deployer_framework:*:*:*:*:*:jenkins:*:*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2022/07/27/1
https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764

History

No history.

MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2022-07-27T14:22:27

Updated: 2024-08-03T10:14:29.368Z

Reserved: 2022-07-27T00:00:00

Link: CVE-2022-36889

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-07-27T15:15:09.197

Modified: 2024-11-21T07:13:59.973

Link: CVE-2022-36889

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Jenkins Deployer Framework Plugin", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "85.v1d1888e8c021", "status": "affected", "version": "unspecified", "versionType": "custom"}, {"status": "unaffected", "version": "1.3.1"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T14:24:03.679Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764"}, {"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2022-36889", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins Deployer Framework Plugin", "version": {"version_data": [{"version_affected": "<=", "version_value": "85.v1d1888e8c021"}, {"version_affected": "!", "version_value": "1.3.1"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"}]}]}, "references": {"reference_data": [{"name": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764", "refsource": "CONFIRM", "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764"}, {"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:14:29.368Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764"}, {"name": "[oss-security] 20220727 Multiple vulnerabilities in Jenkins plugins", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"}]}]}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2022-36889", "datePublished": "2022-07-27T14:22:27", "dateReserved": "2022-07-27T00:00:00", "dateUpdated": "2024-08-03T10:14:29.368Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:deployer_framework:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "7E7BB6BA-19A3-43C8-99E5-062F07543F10", "versionEndIncluding": "85.v1d1888e8c021", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Deployer Framework Plugin 85.v1d1888e8c021 and earlier does not restrict the application path of the applications when configuring a deployment, allowing attackers with Item/Configure permission to upload arbitrary files from the Jenkins controller file system to the selected service."}, {"lang": "es", "value": "Jenkins Deployer Framework Plugin versiones 85.v1d1888e8c021 y anteriores, no restringe la ruta de aplicaci\u00f3n de las aplicaciones cuando es configurado un despliegue, permitiendo a atacantes con permiso de Item/Configure cargar archivos arbitrarios desde el sistema de archivos del controlador de Jenkins al servicio seleccionado"}], "id": "CVE-2022-36889", "lastModified": "2024-11-21T07:13:59.973", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-07-27T15:15:09.197", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2022/07/27/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-07-27/#SECURITY-2764"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-22"}], "source": "nvd@nist.gov", "type": "Primary"}]}