CVE-2021-21697
published 2021-11-04CVE-2021-21697: Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few…
PriorityP348critical9.1CVSS 3.1
AVNACLPRNUINSUCHIHAN
EPSS
1.55%
72.0th percentile
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jenkins | jenkins | <= 2.303.2 | — |
| jenkins | jenkins | <= 2.318 | — |
| jenkins | jenkins_core | — | — |
| jenkins | jenkins_lts | — | — |
| jenkins | jenkins_weekly | — | — |
| jenkins | make_sure_to_read_the_plugin | — | — |
| jenkins | remoting_security_workaround_plugin | — | — |
| jenkins | shared_groovy_libraries_plugin | — | — |
| jenkins | subversion_plugin | — | — |
| jenkins_project | jenkins | unspecified – 2.318 | — |
CVSS provenance
nvdv3.19.1CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
vendor_redhat9.1CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
ghsa·2022-05-24
CVE-2021-21697 [CRITICAL] CWE-184 Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier include the directories storing build-related information, intended to allow agents to store build-related metadata during build execution. As a consequence, this allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions (`build.xml` and some Pipeline-related metadata).
Jenkins 2.319, LTS 2.303.3 prevents agents from accessing contents of build directories unless it’s for builds currently running on the agent attempting to access the directory.
U
OSV
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
osv·2022-05-24
CVE-2021-21697 [CRITICAL] Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agent-to-controller access control allows reading/writing most content of build directories in Jenkins
Agents are allowed some limited access to files on the Jenkins controller file system. The directories agents are allowed to access in Jenkins 2.318 and earlier, LTS 2.303.2 and earlier include the directories storing build-related information, intended to allow agents to store build-related metadata during build execution. As a consequence, this allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions (`build.xml` and some Pipeline-related metadata).
Jenkins 2.319, LTS 2.303.3 prevents agents from accessing contents of build directories unless it’s for builds currently running on the agent attempting to access the directory.
U
Red Hat
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
vendor_redhat·2021-11-04·CVSS 9.1
CVE-2021-21697 [CRITICAL] CWE-22 jenkins: Agent-to-controller access control allows reading/writing most content of build directories
jenkins: Agent-to-controller access control allows reading/writing most content of build directories
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier allows any agent to read and write the contents of any build directory stored in Jenkins with very few restrictions.
An incorrect access restriction vulnerability was found in Jenkins. The directories agents are allowed to access include the directories where there are stored build-related information intended to allow agents to store build-related metadata during build execution. As a consequence, this allows an attacker who controls agent process to read and write the contents of any build directory stored in Jenkins with very few restrictions (build.xml and some Pipeline-related metadata).
Mitigation: Red Hat has investigated whether
Jenkins
Jenkins Security Advisory 2021-11-04
vendor_jenkins·2021-11-04·CVSS 9.1
CVE-2021-21685 [CRITICAL] Jenkins Security Advisory 2021-11-04
Title: Jenkins Security Advisory 2021-11-04
Jenkins Security Advisory 2021-11-04
Jenkins Security Home
For Administrators
Overview
Terminology
Vulnerabilities and Scoring
Security Advisories
Security Issues
Advisory Schedule
Vulnerabilities in Plugins
How We Fix Security Issues
For Reporters
Reporting Vulnerabilities
Jenkins CNA
For Maintainers
Overview
Vulnerabilities in Plugins
Jenkins Security Team
About
Contributions
This advisory announces vulnerabilities in the following Jenkins deliverables:
Jenkins (core)
Subversion
Plugin
Descriptions
Multiple vulnerabilities allow bypassing path filtering of agent-to-controller access control
SECURITY-2455
/
CVE-2021-21685, CVE-2021-216
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2021-11-04
Published