CVE-2020-2165
Published: 2020-03-25
Priority: P3 (37) · high · 7.5 (CVSS 3.1) · AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS: 1.09% (61.1th percentile)
Jenkins Artifactory Plugin 3.6.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.
Affected (13 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | artifactory_plugin | — | — |
| jenkins | aws_steps_plugin | — | — |
| jenkins | azure_container_service_plugin | — | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | openshift_pipeline_plugin | — | — |
| jenkins | queue_cleanup_plugin | — | — |
| jenkins | rapiddeploy_plugin | — | — |
| jenkins | yaml_input_files_to_azure_container_service_plugin | — | — |
| jenkins | yaml_input_files_to_openshift_pipeline_plugin | — | — |
| jenkins_project | jenkins_artifactory_plugin | — | — |
| jfrog | artifactory | <= 3.6.0 | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
| NVD | 2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Jenkins
Jenkins Security Advisory 2020-03-25 (vendor_jenkins · 2020-03-25 · CVSS 8.8; indexed under CVE-2020-2160 [HIGH])
This advisory announces vulnerabilities in the following Jenkins deliverables:

- Jenkins (core)
- Artifactory Plugin
- Azure Container Service Plugin
- OpenShift Pipeline Plugin
- Pipeline: AWS Steps Plugin
- Queue cleanup Plugin
- RapidDeploy Plugin
OSV
Passwords transmitted in plain text by Jenkins Artifactory Plugin (osv · 2022-05-24; CVE-2020-2165 [LOW])
Jenkins Artifactory Plugin 3.6.0 and earlier stores Artifactory server passwords in its global configuration file `org.jfrog.hudson.ArtifactoryBuilder.xml` on the Jenkins controller as part of its configuration.
While the password is stored encrypted on disk since Artifactory Plugin 3.6.0, it is transmitted in plain text as part of the configuration form by Artifactory Plugin 3.6.0 and earlier. This can result in exposure of the password through browser extensions, cross-site scripting vulnerabilities, and similar situations.
Artifactory Plugin 3.6.1 transmits the password in its global configuration encrypted.
GHSA
Passwords transmitted in plain text by Jenkins Artifactory Plugin (ghsa · 2022-05-24; CVE-2020-2165 [LOW]; CWE-319)
(Advisory text identical to the OSV entry above.)
Suricata
ET WEB_SPECIFIC_APPS Cisco BBSM Captive Portal AccesCodeStart.asp Cross-Site Scripting Attempt (suricata · 2010-07-30). Note that this rule references CVE-2008-2165 (Cisco BBSM), not CVE-2020-2165; it was indexed here by the aggregator and does not detect the Jenkins issue.

```
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Cisco BBSM Captive Portal AccesCodeStart.asp Cross-Site Scripting Attempt"; flow:established,to_server; http.uri; content:"/ekgnkm/AccessCodeStart.asp"; nocase; pcre:"/(script|img|src|alert|onmouse|onkey|onload|ondragdrop|onblur|onfocus|onclick)/i"; reference:url,www.securityfocus.com/bid/29191/info; reference:cve,2008-2165; classtype:attempted-user; sid:2010506; rev:7; metadata:created_at 2010_07_30, cve CVE_2008_2165, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2020_09_10;)
```
Suricata
ET WEB_SERVER Cisco BBSM Captive Portal AccesCodeStart.asp Cross-Site Scripting Attempt (suricata · 2010-07-30). As with the rule above, this signature references CVE-2008-2165, not CVE-2020-2165.

```
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_SERVER Cisco BBSM Captive Portal AccesCodeStart.asp Cross-Site Scripting Attempt"; flow:established,to_server; http.uri; content:"|2F|ekgnkm|2F|AccessCodeStart|2E|asp"; nocase; pcre:"/(script|onmouse[a-z]+|onkey[a-z]+|onload|onunload|ondragdrop|onblur|onfocus|onclick|ondblclick|onsubmit|onreset|onselect|onchange)/i"; reference:url,www.securityfocus.com/bid/29191/info; reference:cve,2008-2165; classtype:attempted-user; sid:2010460; rev:7; metadata:created_at 2010_07_30, cve CVE_2008_2165, signature_severity Major, updated_at 2020_09_14;)
```
No public exploits indexed.
No writeups or analysis indexed.
Published: 2020-03-25