{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-47804", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "state": "PUBLISHED", "assignerShortName": "jenkins", "dateReserved": "2024-10-01T20:59:52.483Z", "datePublished": "2024-10-02T15:35:03.020Z", "dateUpdated": "2024-10-07T08:19:39.312Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2024-10-07T08:19:39.312Z"}, "affected": [{"vendor": "Jenkins Project", "product": "Jenkins", "versions": [{"version": "2.462.3", "versionType": "maven", "lessThan": "2.462.*", "status": "unaffected"}, {"version": "2.479", "versionType": "maven", "lessThan": "*", "status": "unaffected"}], "defaultStatus": "affected"}], "descriptions": [{"lang": "en", "value": "If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction."}], "references": [{"name": "Jenkins Security Advisory 2024-10-02", "url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448", "tags": ["vendor-advisory"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-10-02T16:31:07.297191Z", "id": "CVE-2024-47804", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T16:31:20.670Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-47804", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-10-02T16:31:07.297191Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-10-02T16:31:14.661Z"}}], "cna": {"affected": [{"vendor": "Jenkins Project", "product": "Jenkins", "versions": [{"status": "unaffected", "version": "2.462.3", "lessThan": "2.462.*", "versionType": "maven"}, {"status": "unaffected", "version": "2.479", "lessThan": "*", "versionType": "maven"}], "defaultStatus": "affected"}], "references": [{"url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448", "name": "Jenkins Security Advisory 2024-10-02", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2024-10-07T08:19:39.312Z"}}}, "cveMetadata": {"cveId": "CVE-2024-47804", "state": "PUBLISHED", "dateUpdated": "2024-10-07T08:19:39.312Z", "dateReserved": "2024-10-01T20:59:52.483Z", "assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "datePublished": "2024-10-02T15:35:03.020Z", "assignerShortName": "jenkins"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "matchCriteriaId": "3DA7AA45-38D7-4467-99C6-A34C63603CF9", "versionEndExcluding": "2.462.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "matchCriteriaId": "F3B756C9-D72A-42D2-8E00-C4DF866AA11A", "versionEndExcluding": "2.479", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction."}, {"lang": "es", "value": "Si se intenta crear un elemento de un tipo prohibido por `ACL#hasCreatePermission2` o `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` a trav\u00e9s de la CLI de Jenkins o la API REST y cualquiera de estas comprobaciones falla, Jenkins 2.478 y anteriores, LTS 2.462.2 y anteriores crean el elemento en la memoria, solo elimin\u00e1ndolo del disco, lo que permite a los atacantes con permiso de Elemento/Configurar guardar el elemento para persistirlo, eludiendo efectivamente la restricci\u00f3n de creaci\u00f3n de elementos."}], "id": "CVE-2024-47804", "lastModified": "2024-11-13T17:28:49.420", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-10-02T16:15:10.697", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2024:8886", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-0:2.462.3.1730119132-3.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8886", "cpe": "cpe:/a:redhat:ocp_tools:4.12::el8", "package": "jenkins-2-plugins-0:4.12.1730119231-1.el8", "product_name": "OCP-Tools-4.12-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8887", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-0:2.462.3.1729839924-3.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8887", "cpe": "cpe:/a:redhat:ocp_tools:4.13::el8", "package": "jenkins-2-plugins-0:4.13.1729840148-1.el8", "product_name": "OCP-Tools-4.13-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8885", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-0:2.462.3.1729839727-3.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8885", "cpe": "cpe:/a:redhat:ocp_tools:4.14::el8", "package": "jenkins-2-plugins-0:4.14.1729839844-1.el8", "product_name": "OCP-Tools-4.14-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8884", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-0:2.462.3.1729837947-3.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}, {"advisory": "RHSA-2024:8884", "cpe": "cpe:/a:redhat:ocp_tools:4.15::el8", "package": "jenkins-2-plugins-0:4.15.1729838165-1.el8", "product_name": "OCP-Tools-4.15-RHEL-8", "release_date": "2024-11-05T00:00:00Z"}], "bugzilla": {"description": "jenkins: Item creation restriction bypass vulnerability", "id": "2316131", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2316131"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "status": "verified"}, "cwe": "CWE-1220", "details": ["If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.", "A flaw was found in Jenkins. When attempting to create an item prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may allow an attacker with the Item/Configure permission to save the item, effectively bypassing the item creation restriction."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2024-47804", "package_state": [{"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-hub-container", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Not affected", "package_name": "rhdh-operator-container", "product_name": "Red Hat Developer Hub"}], "public_date": "2024-10-02T15:35:03Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-47804\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-47804\nhttps://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448"], "threat_severity": "Moderate"}