CVE-2019-1003028: SSRF vulnerability due to missing permission check in Jenkins JMS Messaging Plugin
CVSS Score: 4.3 (CVSS v3.0)
Basic Information
CVE ID: CVE-2019-1003028
GHSA ID:
EPSS Score: 0.03817%
CWE:
Published: 5/13/2022
Updated: 1/30/2024
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:jms-messaging | maven | <= 1.1.1 | 1.1.2 |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability stems from form validation methods that handle JMS broker URLs without proper permission checks. Both classes mentioned in the advisory (SSLCertificateAuthenticationMethod and UsernameAuthenticationMethod) would contain doCheckBrokerUrl methods that process user input. The advisory explicitly states that these were modified to add permission checks and POST requirements, confirming they were the vulnerable entry points. These methods would appear in stack traces when attackers trigger SSRF by submitting malicious broker URLs.
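The following is an added illustration of the weakness class described above, not code from the jms-messaging plugin and not the actual advisory fix. It is a hypothetical Jenkins descriptor fragment (class name BrokerUrlCheckExample and the helper probe are invented) showing a doCheckBrokerUrl form-validation method in its unprotected shape next to the hardened shape that adds the POST requirement and a permission check, using the standard Jenkins and Stapler APIs (hudson.util.FormValidation, jenkins.model.Jenkins, org.kohsuke.stapler.verb.POST).

```java
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

import java.net.URI;
import java.net.URISyntaxException;

/**
 * Hypothetical example written for this record; not the jms-messaging plugin's
 * code. In a real plugin these methods live on a hudson.model.Descriptor
 * subclass so that Stapler exposes them as /descriptorByName/.../checkBrokerUrl.
 */
public class BrokerUrlCheckExample {

    /**
     * Weak shape: reachable via GET and guarded by no permission check, so any
     * user who can reach the endpoint (PR:L in the CVSS vector) can make the
     * Jenkins controller attempt a connection to a URL of their choosing.
     */
    public FormValidation doCheckBrokerUrlWeak(@QueryParameter String brokerUrl) {
        return probe(brokerUrl);
    }

    /**
     * Hardened shape: POST only, and the caller must hold Overall/Administer
     * before anything that could reach the network runs. checkPermission
     * throws AccessDeniedException for callers without the permission.
     */
    @POST
    public FormValidation doCheckBrokerUrl(@QueryParameter String brokerUrl) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return probe(brokerUrl);
    }

    /**
     * Stand-in for the connection test (assumption: the real method would open
     * a JMS connection to the broker, which is why the gate above matters).
     * Here it only parses the URL so the example has no network side effects.
     */
    private static FormValidation probe(String brokerUrl) {
        FormValidation required = FormValidation.validateRequired(brokerUrl);
        if (required.kind != FormValidation.Kind.OK) {
            return required;
        }
        try {
            URI uri = new URI(brokerUrl.trim());
            if (uri.getScheme() == null || uri.getHost() == null) {
                return FormValidation.error("Broker URL needs a scheme and a host");
            }
            return FormValidation.ok();
        } catch (URISyntaxException e) {
            return FormValidation.error("Malformed broker URL: " + e.getMessage());
        }
    }
}
```

The two controls are complementary: @POST prevents the check from being triggered by a crafted link, and the permission check limits who may make the controller attempt an outbound connection at all. Plugin authors who need the check available to job configurers rather than administrators would replace Jenkins.ADMINISTER with a permission check against the item context, but the shape of the fix stays the same.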