
CVE-2019-1003084: CSRF vulnerability in Zephyr Enterprise Test Management Plugin

CVSS Score (v3.0): 6.5

Basic Information

EPSS Score: 0.37242%
Published: 5/13/2022
Updated: 1/9/2024
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Package Name: org.jenkins-ci.plugins:zephyr-enterprise-test-management
Ecosystem: maven
Vulnerable Versions: < 1.8
First Patched Version: 1.8

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from two missing security controls in doTestConnection: (1) the absence of the @POST verb annotation, which let the form-validation method be triggered by a GET request and therefore by a cross-site request; and (2) the missing Jenkins.getInstance().checkPermission(Jenkins.ADMINISTER) check, which allowed low-privileged users to execute the connection test. Commit a2a6986 explicitly adds both protections, confirming that these were the vulnerable aspects.
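The two controls named in the root-cause analysis, shown together in a hardened Jenkins form-validation method. This is an added illustration written for this page; it is not the plugin's code and not the contents of commit a2a6986. The class and parameter names (ExampleServer, ExampleServerDescriptor, serverAddress, username, password) are assumptions, and the connection test itself is a placeholder HTTP HEAD request rather than whatever the real plugin does.

```java
import hudson.Extension;
import hudson.model.Describable;
import hudson.model.Descriptor;
import hudson.util.FormValidation;
import hudson.util.Secret;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

import java.net.HttpURLConnection;
import java.net.URL;

/** Hypothetical configuration object; stands in for the plugin's real Describable. */
public class ExampleServer implements Describable<ExampleServer> {
    @Override
    public ExampleServerDescriptor getDescriptor() {
        return (ExampleServerDescriptor) Jenkins.get().getDescriptorOrDie(getClass());
    }

    /** Hypothetical descriptor; the plugin's ZeeDescriptor is not reproduced here. */
    @Extension
    public static class ExampleServerDescriptor extends Descriptor<ExampleServer> {
        public ExampleServerDescriptor() {
            super(ExampleServer.class);
        }

        @Override
        public String getDisplayName() {
            return "Example server";
        }

        // Fix 1: @POST makes Stapler reject GET, so a cross-site link or <img> tag
        // cannot trigger this method and the session cookie alone is not enough.
        @POST
        public FormValidation doTestConnection(@QueryParameter String serverAddress,
                                               @QueryParameter String username,
                                               @QueryParameter Secret password) {
            // Fix 2: only administrators may make Jenkins open a connection to a
            // user-supplied address. Jenkins.get() is the current spelling of the
            // Jenkins.getInstance() call named in the analysis above.
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);

            if (serverAddress == null || serverAddress.trim().isEmpty()) {
                return FormValidation.error("Server address is required");
            }

            HttpURLConnection conn = null;
            try {
                URL url = new URL(serverAddress.trim());
                if (!"https".equals(url.getProtocol()) && !"http".equals(url.getProtocol())) {
                    return FormValidation.error("Only http and https URLs are supported");
                }
                conn = (HttpURLConnection) url.openConnection();
                conn.setConnectTimeout(5_000);
                conn.setReadTimeout(5_000);
                conn.setRequestMethod("HEAD");
                // username/password would be attached here by the real client; the
                // password is a Secret so it is never echoed back in plain text.
                int status = conn.getResponseCode();
                return status < 400
                        ? FormValidation.ok("Connection succeeded")
                        : FormValidation.error("Server answered HTTP " + status);
            } catch (Exception e) {
                // Do not echo the raw exception message; it can leak internal host details.
                return FormValidation.error("Connection failed");
            } finally {
                if (conn != null) {
                    conn.disconnect();
                }
            }
        }
    }
}
```

When reviewing a Jenkins plugin for this class of bug, the check is mechanical: every `do*` web method on a Descriptor that has a side effect (opening a network connection, writing configuration) should carry `@POST` or `@RequirePOST` and should call `checkPermission` on the appropriate permission before doing anything else. Either control alone is insufficient here: without the permission check any authenticated user can make the controller connect outbound, and without `@POST` an unauthenticated attacker can make an administrator's browser do it for them.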


WAF Protection Rules

WAF Rule

A cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.
