{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-43044", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "state": "PUBLISHED", "assignerShortName": "jenkins", "dateReserved": "2024-08-05T12:46:38.501Z", "datePublished": "2024-08-07T13:27:11.438Z", "dateUpdated": "2024-08-07T17:29:40.580Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2024-08-07T13:27:11.438Z"}, "affected": [{"vendor": "Jenkins Project", "product": "Jenkins", "versions": [{"version": "2.452.4", "versionType": "maven", "lessThan": "2.452.*", "status": "unaffected"}, {"version": "2.462.1", "versionType": "maven", "lessThan": "2.462.*", "status": "unaffected"}, {"version": "2.471", "versionType": "maven", "lessThan": "*", "status": "unaffected"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library."}], "references": [{"name": "Jenkins Security Advisory 2024-08-07", "url": "https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430", "tags": ["vendor-advisory"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-07T17:28:25.431874Z", "id": "CVE-2024-43044", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T17:29:40.580Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-43044", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-07T17:28:25.431874Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-07T17:28:32.386Z"}}], "cna": {"affected": [{"vendor": "Jenkins Project", "product": "Jenkins", "versions": [{"status": "unaffected", "version": "2.452.4", "lessThan": "2.452.*", "versionType": "maven"}, {"status": "unaffected", "version": "2.462.1", "lessThan": "2.462.*", "versionType": "maven"}, {"status": "unaffected", "version": "2.471", "lessThan": "*", "versionType": "maven"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430", "name": "Jenkins Security Advisory 2024-08-07", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2024-08-07T13:27:11.438Z"}}}, "cveMetadata": {"cveId": "CVE-2024-43044", "state": "PUBLISHED", "dateUpdated": "2024-08-07T17:29:40.580Z", "dateReserved": "2024-08-05T12:46:38.501Z", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "datePublished": "2024-08-07T13:27:11.438Z", "assignerShortName": "jenkins"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "0041C764-EA61-4445-9696-65E22A678FD2", "versionEndExcluding": "2.452.4", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "1139DB12-D88F-4E0D-B22F-2A147B1EFD31", "versionEndExcluding": "2.471", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library."}, {"lang": "es", "value": "Jenkins 2.470 y anteriores, LTS 2.452.3 y anteriores permiten que los procesos del agente lean archivos arbitrarios del sistema de archivos del controlador Jenkins mediante el m\u00e9todo `ClassLoaderProxy#fetchJar` en la librer\u00eda Remoting."}], "id": "CVE-2024-43044", "lastModified": "2024-08-16T17:19:30.643", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-08-07T14:15:33.000", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-754"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:5410", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-0:2.462.1.1723550696-3.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5410", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-2-plugins-0:4.12.1723550778-1.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5406", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-0:2.462.1.1723445923-3.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5406", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-2-plugins-0:4.13.1723446018-1.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5411", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-0:2.462.1.1723225151-3.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5411", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-2-plugins-0:4.14.1723225212-1.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5405", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-0:2.462.1.1723440104-3.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}, {"advisory": "RHSA-2024:5405", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-2-plugins-0:4.15.1723440333-1.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-08-14T00:00:00Z"}], "bugzilla": {"description": "jenkins: Arbitrary file read vulnerability through agent connections can lead to RCE", "id": "2303466", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2303466"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.8", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-22", "details": ["Jenkins 2.470 and earlier, LTS 2.452.3 and earlier allows agent processes to read arbitrary files from the Jenkins controller file system by using the `ClassLoaderProxy#fetchJar` method in the Remoting library.", "A vulnerability was found in the Remoting library in Jenkins core, which handles communication between the Jenkins controller and agents. The ClassLoaderProxy#fetchJar function may allow malicious agents or attackers with Agent/Connect permission to read arbitrary files from the Jenkins controller's file system due to insufficient path restrictions permissions, which could lead to Privilege Escalation and Remote Code Execution (RCE)"], "mitigation": {"lang": "en:us", "value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."}, "name": "CVE-2024-43044", "package_state": [{"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "jenkins", "product_name": "Red Hat OpenShift Container Platform 3.11"}], "public_date": "2024-08-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-43044\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-43044\nhttps://www.jenkins.io/security/advisory/2024-08-07/#SECURITY-3430"], "statement": "This vulnerability is classified as critical because it could allow remote code execution (RCE). Additionally, this vulnerability may enable an attacker to read arbitrary files from the Jenkins controller, resulting in a significant exposure of confidential information, compromising the overall integrity of the Jenkins instance.", "threat_severity": "Critical"}