Cross-site Request Forgery (CSRF)

Affecting org.jenkins-ci.plugins:crx-content-package-deployer artifact, versions [,1.9)


Overview

org.jenkins-ci.plugins:crx-content-package-deployer is a Jenkins plugin that deploys content packages to Adobe CRX applications, such as Adobe CQ/AEM.

Affected versions of this package are vulnerable to Cross-site Request Forgery (CSRF). The plugin did not perform permission checks on a method implementing form validation. This allowed users with Overall/Read access to Jenkins to make Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs (obtainable through another method), capturing credentials stored in Jenkins. In addition, the form validation method did not require POST requests, resulting in a CSRF vulnerability.
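
The pattern behind this advisory, shown as an added illustration rather than the plugin's own code: a Jenkins form-validation method that resolves stored credentials and opens an outbound connection, first in the unguarded shape and then with the permission check and POST requirement that the fix in 1.9 corresponds to. Class and method names, the `baseUrl` parameter and the `connect` helper are assumptions; the same guard belongs on any `doFill...Items` method that enumerates credential IDs.

```java
// Added illustration, not the plugin's own code. Class and method names are hypothetical.
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import hudson.model.Item;
import hudson.security.ACL;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;
import java.util.Collections;

public class DeployerDescriptorExample {  // would be the plugin's Descriptor in practice

    // BEFORE (the pattern the advisory describes): any HTTP method, no permission check.
    // A GET link or a cross-site form makes Jenkins open baseUrl with the stored
    // credentials on behalf of any Overall/Read user, exposing them to that server.
    public FormValidation doTestConnectionUnsafe(@QueryParameter String baseUrl,
                                                 @QueryParameter String credentialsId) {
        return connect(baseUrl, lookup(null, credentialsId));
    }

    // AFTER: POST only (Jenkins then enforces its CSRF crumb) and a permission check
    // before any credential is resolved or any outbound connection is made.
    @RequirePOST
    public FormValidation doTestConnection(@AncestorInPath Item item,
                                           @QueryParameter String baseUrl,
                                           @QueryParameter String credentialsId) {
        if (item == null) Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        else item.checkPermission(Item.CONFIGURE);
        return connect(baseUrl, lookup(item, credentialsId));
    }

    // Resolve a credentials ID to the stored secret in the item's (or global) scope.
    private StandardUsernamePasswordCredentials lookup(Item item, String id) {
        return CredentialsMatchers.firstOrNull(CredentialsProvider.lookupCredentials(
                StandardUsernamePasswordCredentials.class, item, ACL.SYSTEM, Collections.emptyList()),
                CredentialsMatchers.withId(id));
    }

    // Assumed helper standing in for the real HTTP connectivity check.
    private FormValidation connect(String baseUrl, StandardUsernamePasswordCredentials c) {
        return c == null ? FormValidation.error("Unknown credentials ID")
                         : FormValidation.ok("Connecting to " + baseUrl + " as " + c.getUsername());
    }
}
```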

Remediation

Upgrade org.jenkins-ci.plugins:crx-content-package-deployer to version 1.9 or higher.

CVSS Score

7.1
high severity
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity: Low
  • Availability: None
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Credit
Oleg Nenashev
CVE
CVE-2019-10437 CVE-2019-10438
CWE
CWE-352
Snyk ID
SNYK-JAVA-ORGJENKINSCIPLUGINS-473896
Disclosed
16 Oct, 2019
Published
09 Jan, 2020