CVE-2018-8718
Published 2018-03-27
Priority: P3 (49), high
CVSS 3.0: 8 (High), AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Exploit: EPSS 6.77% (93.2nd percentile)
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
Affected (NVD CPE data). The vulnerability description names only the Mailer Plugin, and only that row carries a version range; the other entries are deliverables of the same Jenkins advisory (2018-03-26), not products affected by this CVE.
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | ansible_plugin | — | — |
| jenkins | copy_to_slave_plugin | — | — |
| jenkins | cucumber_living_documentation_plugin | — | — |
| jenkins | github_pull_request_builder_plugin | — | — |
| jenkins | liquibase_runner_plugin | — | — |
| jenkins | mailer | <= 1.20 | — |
| jenkins | mailer_plugin | — | — |
| jenkins | p4_plugin | — | — |
| jenkins | perforce_plugin | — | — |
| jenkins | reverse_proxy_auth_plugin | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.0 | 8.0 | HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
| nvd | 2.0 | 6.0 | MEDIUM | AV:N/AC:M/Au:S/C:P/I:P/A:P |
| vendor_redhat | — | 8.0 | HIGH | — |
The NVD v3 vector rates confidentiality, integrity and availability impact as high; the Red Hat and Bugzilla entries below describe the practical impact as unauthorised outbound mail from a caller-chosen server and a possible denial of service.
GHSA
Cross-Site Request Forgery in Jenkins Mailer Plugin
ghsa · 2022-05-14 · CVE-2018-8718 [HIGH] · CWE-352
Description: same text as the NVD description above.
OSV
Cross-Site Request Forgery in Jenkins Mailer Plugin
osv · 2022-05-14 · CVE-2018-8718 [HIGH]
Description: same text as the NVD description above.
Red Hat
jenkins-plugin-mailer: Missing permissions check in Mailer.java:doSendTestMail() allows unauthorised users to send mail
vendor_redhat · 2018-03-26 · CVSS 8.0 · CVE-2018-8718 [HIGH] · CWE-862
Description: same text as the NVD description above.
Package: jenkins-mailer-plugin (Red Hat OpenShift Enterprise 3) - Affected
Jenkins
Jenkins Security Advisory 2018-03-26
vendor_jenkins · 2018-03-26 · CVSS 7.8 (this source entry is keyed to CVE-2018-1000142 [HIGH], another issue fixed in the same advisory)
This advisory announces vulnerabilities in the following Jenkins deliverables:
Ansible Plugin
Copy To Slave Plugin
Cucumber Living Documentation Plugin
GitHub Pull Request Builder Plugin
Liquibase Runner Plugin
Mailer Plugin
Perforce Plugin
Re
No detection rules found.
Bugzilla
CVE-2018-8718 jenkins-mailer-plugin: jenkins-plugin-mailer: Missing permissions check in Mailer.java:doSendTestMail() allows unauthorised users to send mail [fedora-all]
bugzilla · 2018-03-28 · CVSS 8.0 · CVE-2018-8718 [HIGH]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM ch
Bugzilla
CVE-2018-8718 jenkins-plugin-mailer: Missing permissions check in Mailer.java:doSendTestMail() allows unauthorised users to send mail
bugzilla · 2018-03-28 · CVSS 8.0 · CVE-2018-8718 [HIGH]
The Jenkins Mailer Plugin through version 1.20 is missing a permissions check in the Mailer.java:doSendTestMail() function. Users with Overall/Read access are able to connect to a user-specified mail server with user-specified credentials to send a test email to a user-specified email address. The email subject and body could not be changed. This could result in DoS if, for example, specifying a valid mail server but invalid credentials.
As the same URL did not require POST to be used, it also was vulnerable to cross-site request forgery.
Upstream Advisory: https://jenkins.io/security/advisory/2018-03-26/
Upstream Patch: https://github.com/jenkinsci/
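The two defects the Bugzilla entry describes, a Stapler web method with no permission check and no POST requirement, shown beside a hardened form. This is an added illustration in Java (the plugin's language), not the Mailer Plugin's actual source and not its upstream patch (the patch link above is truncated on this page). The class name, the query-parameter names, the sendTestMail helper and its fixed subject and body are assumptions; the Jenkins, Stapler and JavaMail calls are real APIs.

```java
// Added illustration, not the Mailer Plugin's actual source or its upstream fix.
// Models the Bugzilla description: a Stapler form-validation method on a
// Descriptor, served at /descriptorByName/hudson.tasks.Mailer/sendTestMail,
// that connects to a caller-chosen SMTP server with caller-chosen credentials.
// Class name, parameter names and the helper are assumptions.
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

import java.util.Properties;
import javax.mail.Authenticator;
import javax.mail.Message;
import javax.mail.MessagingException;
import javax.mail.PasswordAuthentication;
import javax.mail.Session;
import javax.mail.Transport;
import javax.mail.internet.InternetAddress;
import javax.mail.internet.MimeMessage;

public class MailerTestMailExample {

    // BEFORE: the pattern the bug report describes. A plain GET reaches it and
    // nothing beyond being logged in (Overall/Read) is checked, so any such
    // user, or any page that can make that user's browser issue a GET (CSRF),
    // can force an outbound SMTP connection with arbitrary server and credentials.
    public FormValidation doSendTestMailVulnerable(
            @QueryParameter String smtpServer,
            @QueryParameter String smtpAuthUserName,
            @QueryParameter String smtpAuthPassword,
            @QueryParameter String sendTestMailTo) {
        return sendTestMail(smtpServer, smtpAuthUserName, smtpAuthPassword, sendTestMailTo);
    }

    // AFTER: two independent controls, one per defect.
    //  1. @RequirePOST makes Stapler reject GET, and when the CSRF crumb issuer
    //     is enabled the POST must carry a valid crumb, which a cross-site page
    //     cannot obtain.
    //  2. checkPermission(Jenkins.ADMINISTER) limits the action to users who may
    //     edit the global mail configuration anyway; it throws
    //     AccessDeniedException for everyone else before any socket is opened.
    @RequirePOST
    public FormValidation doSendTestMail(
            @QueryParameter String smtpServer,
            @QueryParameter String smtpAuthUserName,
            @QueryParameter String smtpAuthPassword,
            @QueryParameter String sendTestMailTo) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return sendTestMail(smtpServer, smtpAuthUserName, smtpAuthPassword, sendTestMailTo);
    }

    // Minimal JavaMail send shared by both variants (assumed, not the plugin's
    // own implementation). Subject and body are fixed, matching the report's
    // observation that the caller cannot control the message content.
    private FormValidation sendTestMail(String smtpServer, String user, String password, String to) {
        Properties props = new Properties();
        props.put("mail.smtp.host", smtpServer);
        props.put("mail.smtp.auth", Boolean.toString(user != null && !user.isEmpty()));
        Session session = Session.getInstance(props, new Authenticator() {
            @Override
            protected PasswordAuthentication getPasswordAuthentication() {
                return new PasswordAuthentication(user, password);
            }
        });
        try {
            MimeMessage msg = new MimeMessage(session);
            msg.setFrom(new InternetAddress("jenkins@example.invalid"));
            msg.setRecipients(Message.RecipientType.TO, InternetAddress.parse(to));
            msg.setSubject("Jenkins test mail");
            msg.setText("This is a test mail sent from Jenkins.");
            Transport.send(msg); // an unreachable host or rejected credentials throws here
            return FormValidation.ok("Test mail sent to " + to);
        } catch (MessagingException e) {
            return FormValidation.error(e, "Could not send test mail");
        }
    }
}
```

Two checks worth carrying into any audit of similar Stapler `doXxx` methods: a method that opens a connection or changes state needs both an explicit `checkPermission` and `@RequirePOST`, because each closes a different hole (missing authorisation versus request forgery); and `@RequirePOST` only stops cross-site POSTs when the Jenkins CSRF crumb issuer is enabled, so a hardened endpoint on an instance with crumbs disabled still accepts a forged form submission.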
arXiv
Identifying Vulnerable Third-Party Java Libraries from Textual Descriptions of Vulnerabilities and Libraries
arxiv_fulltext · 2023-11-17
Tianyu Chen (Key Lab of HCST (PKU), MOE; SCS; Peking University, China), Lin Li, Bingjie Shan, Guangtai Liang (Huawei Cloud Computing Technologies Co., Ltd., Beijing, China), Ding Li (Key Lab of HCST (PKU), MOE; SCS; Peking University, Beijing, China), Qianxiang Wang (Huawei Cloud Computing Technologies Co., Ltd., Beijing, China), Tao Xie (Key Lab of HCST (PKU), MOE; SCS; Peking University, Beijing, China)
## Abst
References:
http://www.openwall.com/lists/oss-security/2018/03/26/3
http://www.securityfocus.com/bid/103691
https://jenkins.io/security/advisory/2018-03-26/
https://www.exploit-db.com/exploits/44843/