Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-23900

Summary
Assigner-jenkins
Assigner Org ID-39769cd5-e6e2-4dc8-927e-97b3aa056f5b
Published At-24 Jan, 2024 | 17:52
Updated At-16 Jun, 2025 | 19:32
Rejected At-
Credits

Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:jenkins
Assigner Org ID:39769cd5-e6e2-4dc8-927e-97b3aa056f5b
Published At:24 Jan, 2024 | 17:52
Updated At:16 Jun, 2025 | 19:32
Rejected At:
▼CVE Numbering Authority (CNA)

Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.

Affected Products
Vendor
JenkinsJenkins Project
Product
Jenkins Matrix Project Plugin
Default Status
unaffected
Versions
Affected
  • From 0 through 822.v01b_8c85d16d2 (maven)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
vendor-advisory
http://www.openwall.com/lists/oss-security/2024/01/24/6
N/A
Hyperlink: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
Resource:
vendor-advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2024/01/24/6
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
vendor-advisory
x_transferred
http://www.openwall.com/lists/oss-security/2024/01/24/6
x_transferred
Hyperlink: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
Resource:
vendor-advisory
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2024/01/24/6
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-noinfoCWE-noinfo Not enough information
Type: CWE
CWE ID: CWE-noinfo
Description: CWE-noinfo Not enough information
Metrics
VersionBase scoreBase severityVector
3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:jenkinsci-cert@googlegroups.com
Published At:24 Jan, 2024 | 18:15
Updated At:16 Jun, 2025 | 20:15

Jenkins Matrix Project Plugin 822.v01b_8c85d16d2 and earlier does not sanitize user-defined axis names of multi-configuration projects, allowing attackers with Item/Configure permission to create or replace any config.xml files on the Jenkins controller file system with content not controllable by the attackers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Secondary3.14.3MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Type: Primary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 4.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
CPE Matches
Jenkins
jenkins
>>matrix_project>>Versions up to 822.v01b_8c85d16d2(inclusive)
cpe:2.3:a:jenkins:matrix_project:*:*:*:*:*:jenkins:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2024/01/24/6jenkinsci-cert@googlegroups.com
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289jenkinsci-cert@googlegroups.com
Vendor Advisory
http://www.openwall.com/lists/oss-security/2024/01/24/6af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2024/01/24/6
Source: jenkinsci-cert@googlegroups.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
Source: jenkinsci-cert@googlegroups.com
Resource:
Vendor Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2024/01/24/6
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3289
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

113Records found
CVE-2022-20613
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.09% / 25.89%
||
7 Day CHG~0.00%
Published-12 Jan, 2022 | 00:00
Updated-03 Aug, 2024 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cross-site request forgery (CSRF) vulnerability in Jenkins Mailer Plugin 391.ve4a_38c1b_cf4b_ and earlier allows attackers to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

Action-Not Available
Vendor-Oracle CorporationJenkins
Product-communications_cloud_native_core_automated_test_suitemailerJenkins Mailer Plugin
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-20612
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.22% / 44.35%
||
7 Day CHG~0.00%
Published-12 Jan, 2022 | 19:05
Updated-03 Aug, 2024 | 02:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cross-site request forgery (CSRF) vulnerability in Jenkins 2.329 and earlier, LTS 2.319.1 and earlier allows attackers to trigger build of job without parameters when no security realm is set.

Action-Not Available
Vendor-Oracle CorporationJenkins
Product-communications_cloud_native_core_automated_test_suitejenkinsJenkins
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2023-32999
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.13% / 33.70%
||
7 Day CHG~0.00%
Published-16 May, 2023 | 16:00
Updated-23 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing permission check in Jenkins AppSpider Plugin 1.0.15 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.

Action-Not Available
Vendor-Jenkins
Product-appspiderJenkins AppSpider Plugin
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-32996
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 32.26%
||
7 Day CHG~0.00%
Published-16 May, 2023 | 16:00
Updated-23 Jan, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing permission check in Jenkins SAML Single Sign On(SSO) Plugin 2.0.0 and earlier allows attackers with Overall/Read permission to send an HTTP POST request with JSON body containing attacker-specified content, to miniOrange's API for sending emails.

Action-Not Available
Vendor-Jenkins
Product-saml_single_sign-onJenkins SAML Single Sign On(SSO) Plugin
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-33004
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.11% / 30.64%
||
7 Day CHG~0.00%
Published-16 May, 2023 | 16:00
Updated-23 Jan, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A missing permission check in Jenkins Tag Profiler Plugin 0.2 and earlier allows attackers with Overall/Read permission to reset profiler statistics.

Action-Not Available
Vendor-Jenkins
Product-tag_profilerJenkins Tag Profiler Plugin
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2024-47804
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.15% / 36.75%
||
7 Day CHG~0.00%
Published-02 Oct, 2024 | 15:35
Updated-14 Mar, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.

Action-Not Available
Vendor-Jenkins
Product-jenkinsJenkins
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2020-2104
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.37% / 58.16%
||
7 Day CHG~0.00%
Published-29 Jan, 2020 | 15:15
Updated-04 Aug, 2024 | 07:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart.

Action-Not Available
Vendor-Jenkins
Product-jenkinsJenkins
CWE ID-CWE-863
Incorrect Authorization
CVE-2021-21647
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.09% / 26.27%
||
7 Day CHG~0.00%
Published-21 Apr, 2021 | 14:20
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins CloudBees CD Plugin 1.1.21 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Item/Read permission to schedule builds of projects without having Item/Build permission.

Action-Not Available
Vendor-Jenkins
Product-cloudbees_cdJenkins CloudBees CD Plugin
CVE-2021-21682
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.57% / 67.76%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 22:10
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins 2.314 and earlier, LTS 2.303.1 and earlier accepts names of jobs and other entities with a trailing dot character, potentially replacing the configuration and data of other entities on Windows.

Action-Not Available
Vendor-Microsoft CorporationJenkins
Product-windowsjenkinsJenkins
CVE-2021-21639
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.13% / 33.04%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 13:50
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins 2.286 and earlier, LTS 2.277.1 and earlier does not validate the type of object created after loading the data submitted to the `config.xml` REST API endpoint of a node, allowing attackers with Computer/Configure permission to replace a node with one of a different type.

Action-Not Available
Vendor-Jenkins
Product-jenkinsJenkins
CVE-2021-21676
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 7.03%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 16:45
Updated-03 Aug, 2024 | 18:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins requests-plugin Plugin 2.2.7 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to send test emails to an attacker-specified email address.

Action-Not Available
Vendor-Jenkins
Product-requestsJenkins requests-plugin Plugin
CWE ID-CWE-862
Missing Authorization
CVE-2021-21620
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.31% / 53.44%
||
7 Day CHG~0.00%
Published-24 Feb, 2021 | 15:05
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.

Action-Not Available
Vendor-Jenkins
Product-claimJenkins Claim Plugin
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
CVE-2022-34815
Matching Score-8
Assigner-Jenkins Project
ShareView Details
Matching Score-8
Assigner-Jenkins Project
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 25.23%
||
7 Day CHG~0.00%
Published-30 Jun, 2022 | 17:49
Updated-03 Aug, 2024 | 09:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A cross-site request forgery (CSRF) vulnerability in Jenkins Request Rename Or Delete Plugin 1.1.0 and earlier allows attackers to accept pending requests, thereby renaming or deleting jobs.

Action-Not Available
Vendor-Jenkins
Product-request_rename_or_deleteJenkins Request Rename Or Delete Plugin
CWE ID-CWE-352
Cross-Site Request Forgery (CSRF)
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found