Miggo Logo

CVE-2018-1000410: Exposure of Sensitive Information to an Unauthorized Actor in Jenkins

7.8

CVSS Score
3.0

Basic Information

EPSS Score
0.32928%
Published
5/14/2022
Updated
12/18/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.jenkins-ci.main:jenkins-coremaven<= 2.138.12.138.2
org.jenkins-ci.main:jenkins-coremaven>= 2.140, <= 2.1452.146

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from unsanitized form data being included in error messages. The key evidence is the patch modifying Descriptor.java's newInstance method to use RedactSecretJsonInErrorMessageSanitizer when formatting error messages - this directly addresses credential leakage. The advisory also explicitly calls out RequestImpl.java as part of the vulnerable code path, though its exact vulnerable function isn't visible in the provided diff. The high confidence for Descriptor.newInstance comes from the direct code change observed; medium confidence for RequestImpl comes from advisory attribution but lack of specific pre-patch code examples.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

*n in*orm*tion *xposur* vuln*r**ility *xists in J*nkins *.*** *n* **rli*r, LTS *.***.* *n* **rli*r, *n* t** St*pl*r *r*m*work us** *y t**s* r*l**s*s, in *or*/sr*/m*in/j*v*/or*/ko*suk*/st*pl*r/R*qu*stImpl.j*v*, *or*/sr*/m*in/j*v*/*u*son/mo**l/**s*ript

Reasoning

T** vuln*r**ility st*ms *rom uns*nitiz** *orm **t* **in* in*lu*** in *rror m*ss***s. T** k*y *vi**n** is t** p*t** mo*i*yin* `**s*riptor.j*v*`'s `n*wInst*n**` m*t*o* to us* `R****tS**r*tJsonIn*rrorM*ss***S*nitiz*r` w**n *orm*ttin* *rror m*ss***s - t*