CVE-2020-2287
published 2020-10-08CVE-2020-2287: Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for…
medium5.3CVSS 3.1
AVNACLPRNUINSUCNILAN
EPSS
1.16%
63.1th percentile
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | active_choices_plugin | — | — |
| jenkins | audit_trail_plugin | — | — |
| jenkins | incorrect_default_pattern_in_audit_trail_plugin | — | — |
| jenkins | maven_cascade_release_plugin | — | — |
| jenkins | nerrvana_plugin | — | — |
| jenkins | persona_plugin | — | — |
| jenkins | release_plugin | — | — |
| jenkins | request_logging_could_be_bypassed_in_audit_trail_plugin | — | — |
| jenkins | role-based_authorization_strategy_plugin | — | — |
| jenkins | shared_objects_plugin | — | — |
| jenkins | sms_notification_plugin | — | — |
| jenkins_project | jenkins_audit_trail_plugin | unspecified – 3.6 | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:P/A:N
cvelistv55.3MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
Request logging bypass in Jenkins Audit Trail Plugin
osv·2022-02-10
CVE-2020-2287 [MEDIUM] Request logging bypass in Jenkins Audit Trail Plugin
Request logging bypass in Jenkins Audit Trail Plugin
Audit Trail Plugin logs requests whose URL path matches an admin-configured regular expression.
A discrepancy between the behavior of the plugin and the Stapler web framework in parsing URL paths allows attackers to craft URLs that would bypass request logging in Audit Trail Plugin 3.6 and earlier. This only applies to Jenkins 2.227 and earlier, LTS 2.204.5 and earlier, as the fix for [SECURITY-1774](https://www.jenkins.io/security/advisory/2020-03-25/#SECURITY-1774) prohibits dispatch of affected requests.
Audit Trail Plugin 3.7 processes request URL paths the same way as the Stapler web framework.
GHSA
Request logging bypass in Jenkins Audit Trail Plugin
ghsa·2022-02-10
CVE-2020-2287 [MEDIUM] CWE-435 Request logging bypass in Jenkins Audit Trail Plugin
Request logging bypass in Jenkins Audit Trail Plugin
Audit Trail Plugin logs requests whose URL path matches an admin-configured regular expression.
A discrepancy between the behavior of the plugin and the Stapler web framework in parsing URL paths allows attackers to craft URLs that would bypass request logging in Audit Trail Plugin 3.6 and earlier. This only applies to Jenkins 2.227 and earlier, LTS 2.204.5 and earlier, as the fix for [SECURITY-1774](https://www.jenkins.io/security/advisory/2020-03-25/#SECURITY-1774) prohibits dispatch of affected requests.
Audit Trail Plugin 3.7 processes request URL paths the same way as the Stapler web framework.
CVEList
CVE-2020-2287: Jenkins Audit Trail Plugin 3
cvelistv5·2020-10-08·CVSS 5.3
CVE-2020-2287 [MEDIUM] CVE-2020-2287: Jenkins Audit Trail Plugin 3
Jenkins Audit Trail Plugin 3.6 and earlier applies pattern matching to a different representation of request URL paths than the Stapler web framework uses for dispatching requests, which allows attackers to craft URLs that bypass request logging of any target URL.
Jenkins
Jenkins Security Advisory 2020-10-08
vendor_jenkins·2020-10-08·CVSS 8.8
CVE-2020-2286 [HIGH] Jenkins Security Advisory 2020-10-08
Title: Jenkins Security Advisory 2020-10-08
Jenkins Security Advisory 2020-10-08
Jenkins Security Home
For Administrators
Overview
Terminology
Vulnerabilities and Scoring
Security Advisories
Security Issues
Advisory Schedule
Vulnerabilities in Plugins
How We Fix Security Issues
For Reporters
Reporting Vulnerabilities
Jenkins CNA
For Maintainers
Overview
Vulnerabilities in Plugins
Jenkins Security Team
About
Contributions
This advisory announces vulnerabilities in the following Jenkins deliverables:
Active Choices
Plugin
Audit Trail
Plugin
couchdb-statistics
Plugin
Maven Cascade Release
Plugin
Nerrvana
Plugin
Persona
Plugin
Release
Plugin
Role-based Authoriza
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2020-10-08
Published