CVE-2022-25177

Aliases:GHSA-q234-x887-9rxh

Advisory lineage Upstream: 0 Downstream: 6

Downstream

RHSA-2022:0871 RHSA-2022:1021 RHSA-2022:1025 RHSA-2022:1248 RHSA-2022:1420 RHSA-2022:1620

Modified

Published: 15 Feb 2022, 16:10

Last modified:03 Aug 2024, 04:36

Vulnerability Summary

Overall Risk (default)

medium

26/100

CVSS Score

6.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.64% LOW

1% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

15 Feb 2022, 16:10

Published

Vulnerability first disclosed

03 Aug 2024, 04:36

Last Modified

Vulnerability information updated

Description

Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier follows symbolic links to locations outside of the expected Pipeline library when reading files using the libraryResource step, allowing attackers able to configure Pipelines to read arbitrary files on the Jenkins controller file system.

CVSS Metrics

v3.1•MEDIUM•Score: 6.5CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
v2.0•MEDIUM•Score: 4AV:N/AC:L/Au:S/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 0.64%• Percentile: 71%

Techniques & Countermeasures

CWE-59•Improper Link Resolution Before File Access ('Link Following')
The product attempts to access a file based on the filename, but it does not properly prevent that filename from identifying a link or shortcut that resolves to an unintended resource.

Affected Systems

jenkins project•jenkins pipeline: shared groovy libraries plugin
≥ unspecified, ≤ 552.vd9cc05b8a2e1
org.jenkins-ci.plugins.workflow•workflow-cps-global-lib
≥ 2.22, < 561.va_ce0de3c2d69 | ≥ 2.19, < 2.21.1 | < 2.18.1