{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-43494", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "state": "PUBLISHED", "assignerShortName": "jenkins", "dateReserved": "2023-09-19T09:22:58.129Z", "datePublished": "2023-09-20T16:06:08.742Z", "dateUpdated": "2024-08-02T19:44:42.278Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Jenkins", "vendor": "Jenkins Project", "versions": [{"lessThan": "2.50", "status": "unaffected", "version": "0", "versionType": "maven"}, {"lessThan": "*", "status": "unaffected", "version": "2.424", "versionType": "maven"}, {"lessThan": "2.414.*", "status": "unaffected", "version": "2.414.2", "versionType": "maven"}]}], "descriptions": [{"lang": "en", "value": "Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T12:51:59.931Z"}, "references": [{"name": "Jenkins Security Advisory 2023-09-20", "tags": ["vendor-advisory"], "url": "https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3261"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/20/5"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T19:44:42.278Z"}, "title": "CVE Program Container", "references": [{"name": "Jenkins Security Advisory 2023-09-20", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3261"}, {"url": "http://www.openwall.com/lists/oss-security/2023/09/20/5", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "5429075A-09F1-4F3C-A487-A9DF0A08B28B", "versionEndExcluding": "2.424", "versionStartIncluding": "2.50", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "9A7FCC84-AD94-48E6-AE0A-96C73A8E4614", "versionEndExcluding": "2.414.2", "versionStartIncluding": "2.60.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered."}, {"lang": "es", "value": "Jenkins 2.50 a 2.423 (ambos inclusive), LTS 2.60.1 a 2.414.1 (ambos inclusive) no excluye variables de compilaci\u00f3n confidenciales (por ejemplo, valores de par\u00e1metros de contrase\u00f1a) de la b\u00fasqueda en el widget del historial de compilaci\u00f3n, lo que permite a los atacantes con permiso de elemento/lectura. para obtener valores de variables sensibles utilizadas en compilaciones probando iterativamente diferentes caracteres hasta que se descubre la secuencia correcta."}], "id": "CVE-2023-43494", "lastModified": "2023-09-25T13:43:35.503", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-09-20T17:15:11.667", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2023/09/20/5"}, {"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3261"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "jenkins: Builds can be filtered by values of sensitive build variables", "id": "2239934", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2239934"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-625", "details": ["Jenkins 2.50 through 2.423 (both inclusive), LTS 2.60.1 through 2.414.1 (both inclusive) does not exclude sensitive build variables (e.g., password parameter values) from the search in the build history widget, allowing attackers with Item/Read permission to obtain values of sensitive variables used in builds by iteratively testing different characters until the correct sequence is discovered.", "A flaw was found in Jenkins weekly and LTS caused by not excluding sensitive build variables when filtering builds in the build history widget. By sending a specially crafted request, a remote, authenticated attacker could obtain values of sensitive variables used in builds and use this information to launch further attacks against the affected system."], "name": "CVE-2023-43494", "package_state": [{"cpe": "cpe:/a:redhat:ocp_tools", "fix_state": "Affected", "package_name": "jenkins", "product_name": "OpenShift Developer Tools and Services"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "jenkins", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "jenkins", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2023-09-20T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-43494\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-43494"], "threat_severity": "Moderate", "upstream_fix": "jenkins 2.424, jenkins LTS 2.414.2"}