7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-1999002

GHSA ID

GHSA-qf38-f2fr-q4x9

EPSS Score

0.99795%

CWE

CWE-20

Published

5/13/2022

Updated

12/18/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2018-1999002

CVE-2018-1999002:
Improper Input Validation in Jenkins

A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.

(GitHub Advisory)

7.5

CVSS Score

3.0

Basic Information

CVE ID

CVE-2018-1999002

GHSA ID

GHSA-qf38-f2fr-q4x9

EPSS Score

0.99795%

CWE

CWE-20

Published

5/13/2022

Updated

12/18/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.jenkins-ci.main:jenkins-core	maven	< 2.121.2	2.121.2
org.jenkins-ci.main:jenkins-core	maven	>= 2.122, < 2.132	2.132

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from improper input validation when handling locale parameters in HTTP requests to access files. The Stapler framework's resource resolution in the 'open' method used unvalidated locale components to build file paths, allowing path traversal. The patch adds regex validation for language, country, and variant fields, confirming the vulnerability was in this function. The test cases in Security914Test.java validate() that crafted Accept-Language headers can no longer traverse directories, further confirming this as the attack vector.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *r*itr*ry *il* r*** vuln*r**ility *xists in J*nkins *.*** *n* **rli*r, *.***.* *n* **rli*r in t** St*pl*r w** *r*m*work's or*/ko*suk*/st*pl*r/St*pl*r.j*v* t**t *llows *tt**k*rs to s*n* *r**t** *TTP r*qu*sts r*turnin* t** *ont*nts o* *ny *il* on t**

Reasoning

T** vuln*r**ility st*ms *rom improp*r input v*li**tion w**n **n*lin* lo**l* p*r*m*t*rs in *TTP r*qu*sts to ****ss *il*s. T** St*pl*r *r*m*work's r*sour** r*solution in t** 'op*n' m*t*o* us** unv*li**t** lo**l* *ompon*nts to *uil* *il* p*t*s, *llowin*

7.5

Basic Information

Concerned about an active attack path?

CVE-2018-1999002: Improper Input Validation in Jenkins

7.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2018-1999002:
Improper Input Validation in Jenkins

Vulnerability Intelligence
Miggo AI