An XML external entities (XXE) vulnerability in Jenkins Token Macro Plugin 2.7 and earlier allowed attackers able to control a the content of the input file for the XML macro to have Jenkins resolve external entities, resulting in the extraction of secrets from the Jenkins agent, server-side request forgery, or denial-of-service attacks.
Weakness
The product processes an XML document that can contain XML entities with URIs that resolve to documents outside of the intended sphere of control, causing the product to embed incorrect documents into its output.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Token_macro | Jenkins | * | 2.7 (including) |
| Red Hat OpenShift Container Platform 3.11 | RedHat | atomic-openshift-0:3.11.129-1.git.0.bd4f2d5.el7 | * |
| Red Hat OpenShift Container Platform 3.11 | RedHat | jenkins-2-plugins-0:3.11.1560870549-1.el7 | * |
| Red Hat OpenShift Container Platform 4.1 | RedHat | jenkins-2-plugins-0:4.1.1561471763-1.el7 | * |
Potential Mitigations
Related Attack Patterns
References
- http://www.openwall.com/lists/oss-security/2019/06/11/1
- http://www.securityfocus.com/bid/108747
- https://access.redhat.com/errata/RHSA-2019:1636
- https://access.redhat.com/errata/RHSA-2019:1851
- https://jenkins.io/security/advisory/2019-06-11/#SECURITY-1399
- http://www.openwall.com/lists/oss-security/2019/06/11/1
- http://www.securityfocus.com/bid/108747
- https://access.redhat.com/errata/RHSA-2019:1636
- https://access.redhat.com/errata/RHSA-2019:1851
- https://jenkins.io/security/advisory/2019-06-11/#SECURITY-1399