CVE-2018-1000866Improper Privilege Management in Jenkins Pipeline

CWE-269Improper Privilege ManagementCWE-94Code Injection8 documents7 sources
Severity
8.8HIGHNVD
EPSS
0.6%
top 30.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Jenkins PipelineRedhat Openshift Container Platform
Timeline
PublishedDec 10
Latest updateMay 13

Description

A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages1 packages

Also affects: Openshift Container Platform 3.11

🔴Vulnerability Details

3
GHSA
Jenkins Script Security and Pipeline Groovy Plugins Sandbox Bypass2022-05-13
OSV
Jenkins Script Security and Pipeline Groovy Plugins Sandbox Bypass2022-05-13
CVEList
CVE-2018-1000866: A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 22018-12-10

📋Vendor Advisories

2
Red Hat
jenkins-plugin-script-security: Sandbox Bypass in finalize methods2018-10-29
Jenkins
Jenkins Security Advisory 2018-10-292018-10-29

💬Community

2
Bugzilla
CVE-2018-1000865 CVE-2018-1000866 jenkins-script-security-plugin: jenkins-plugin-script-security: Sandbox Bypass in finalize methods [fedora-all]2018-11-06
Bugzilla
CVE-2018-1000865 CVE-2018-1000866 jenkins-plugin-script-security: Sandbox Bypass in finalize methods2018-11-06
CVE-2018-1000866 — Improper Privilege Management | cvebase