CVE-2017-2650: Jenkins Pipeline Classpath Step plugin allowed Script Security sandbox bypass

CVSS Score: 8.5 (CVSS version 3.0)

Basic Information

EPSS Score: 0.31936%
CWE: -
Published: 5/13/2022
Updated: 1/30/2024
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Package Name: cprice404:pipeline-classpath
Ecosystem: maven
Vulnerable Versions: = 0.1.0
First Patched Version: -

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability stems from the classpath step functionality that enables adding classpath entries during pipeline execution. Since the advisory specifically mentions this plugin enables sandbox bypass, the core function responsible for processing classpath additions (ClasspathStepExecution.run) would be the entry point that fails to properly validate/restrict classpath sources. This would allow users with SCM commit access to load unapproved libraries containing unsafe methods that escape the Groovy sandbox. The high confidence comes from the direct correlation between the plugin's purpose (classpath manipulation) and the described sandbox bypass mechanism.

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins.
