CVE-2018-1000408
Published 2019-01-09
Priority P3 · 38 · medium · 6.5 · CVSS 3.0
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
Exploit / EPSS: 1.47% (70.5th percentile)
A denial of service vulnerability exists in Jenkins 2.145 and earlier, LTS 2.138.1 and earlier in core/src/main/java/hudson/security/HudsonPrivateSecurityRealm.java that allows attackers without Overall/Read permission to access a specific URL on instances using the built-in Jenkins user database security realm that results in the creation of an ephemeral user record in memory.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| eglibc | eglibc | >= 0 < 2.19-0ubuntu6.14 | 2.19-0ubuntu6.14 |
| gnu | glibc | >= 0 < 2.23-0ubuntu10 | 2.23-0ubuntu10 |
| jenkins | jenkins | <= 2.138.1 | — |
| jenkins | jenkins | <= 2.145 | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 6.5 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L |
| nvd | 2.0 | 6.4 | MEDIUM | AV:N/AC:L/Au:N/C:N/I:P/A:P |
| osv | — | 7.8 | HIGH | — |
| vendor_redhat | — | 6.5 | MEDIUM | — |
GHSA (ghsa · 2022-05-13): CVE-2018-1000408 [MEDIUM] CWE-285 Improper Authorization in Jenkins
OSV (osv · 2022-05-13): CVE-2018-1000408 [MEDIUM] Improper Authorization in Jenkins
OSV (osv · 2018-01-17 · CVSS 7.8): CVE-2018-1000001 eglibc, glibc vulnerabilities
It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. (CVE-2018-1000001)
A memory leak was discovered in the _dl_init_paths() function in the GNU C library dynamic loader. A local attacker could potentially exploit this with a specially crafted value in the LD_HWCAP_MASK environment variable, in combination with CVE-2017-1000409 and another vulnerability on a system with hardlink protections disabled, in order to gain administrative privileges. (CVE-2017-1000408)
A heap-based buffer overflow was discovered in the _dl_init_paths() function in the GNU C
Jenkins (vendor_jenkins · 2018-10-10 · CVSS 6.5): CVE-2018-1000406 [MEDIUM] Jenkins Security Advisory 2018-10-10
This advisory announces vulnerabilities in the following Jenkins deliverables:
Jenkins (core)
Descriptions
Path traversal vulnerability in Stapler allowed accessing internal data
SECURITY-867 / CVE-2018-1000997
Severity (CVSS): medium
Description: A path t
Red Hat (vendor_redhat · 2018-10-10 · CVSS 6.5): CVE-2018-1000408 [MEDIUM] CWE-400 jenkins: Ephemeral user record creation
Package: jenkins (Red Hat OpenShift Container Platform 3.10) - Will not fix
Package: jenkins (Red Hat OpenShift Container Platform 3.4) - Will not fix
Package: jenkins (Red Hat OpenShift Container Platform 3.5) - Will not fix
Package: jenkins (Red Hat OpenShift Container Platform 3.6) - Will not fix
Package: jenkins (Red Hat OpenShift Container Platform 3.7) - Will not f
No detection rules found.
Bugzilla (bugzilla · 2018-10-25 · CVSS 6.5): CVE-2018-1000406 [MEDIUM] CVE-2018-1000406 CVE-2018-1000407 CVE-2018-1000408 CVE-2018-1000409 CVE-2018-1000410 CVE-2018-1000997 jenkins: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit me
Bugzilla (bugzilla · 2018-10-25 · CVSS 6.5): CVE-2018-1000408 [MEDIUM] jenkins: Ephemeral user record creation
By accessing a specific crafted URL on Jenkins instances using Jenkins' own user database, users without Overall/Read access could create ephemeral user records.
This behavior could be abused to create a large number of ephemeral user records in memory.
External References:
https://jenkins.io/security/advisory/2018-10-10/#SECURITY-1128
Discussion:
Created jenkins tracking bugs for this issue:
Affects: fedora-all [bug 1642894]
---
Jenkins security policy[0]:
"Any security advisory related updates to Jenkins core or the plugins we include in the OpenShift Jenkins master image will only occur in the v3.11 and v4.x branches of this repository.
We do support running the v3.11 version of the master image against older v3.x (as f