
CVE-2019-10473: Jenkins Libvirt Slaves Plugin vulnerable to Credential Enumeration

CVSS Score
4.3 (CVSS 3.1)

Basic Information

EPSS Score
0.0722%
Published
5/24/2022
Updated
12/25/2023
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package Name                          Ecosystem   Vulnerable Versions   First Patched Version
org.jenkins-ci.plugins:libvirt-slave  maven       < 1.8.6               1.8.6

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from missing permission checks in form validation methods (the descriptor methods whose arguments are annotated with @QueryParameter). The GitHub patch adds Jenkins.ADMINISTER checks to these specific methods, which handle credential-related operations. Because no authorization was enforced, any user with Overall/Read permission could invoke them and enumerate credential IDs. The commit diff and the CVE description both point to these methods as the attack surface.
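The pattern described above, as an added illustration that is not the plugin's own code: a Jenkins descriptor with a credential-dropdown method in its unchecked form and in the form the patch describes, plus a form-validation method with the same check. Stapler exposes every doFill*Items and doCheck* method of a descriptor as an HTTP endpoint, so whatever the method returns is reachable by any user who can reach the form. The class name, method names and the hypervisorHost parameter are hypothetical placeholders; Jenkins.ADMINISTER, @QueryParameter and the StandardListBoxModel helpers are the real core and Credentials Plugin APIs.

```java
// Added example, not code from the Libvirt Slaves Plugin. Class and field names
// (ExampleHostDescriptor, hypervisorHost) are hypothetical placeholders.
import hudson.model.Describable;
import hudson.model.Descriptor;
import hudson.security.ACL;
import hudson.util.FormValidation;
import hudson.util.ListBoxModel;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;

import com.cloudbees.plugins.credentials.common.StandardListBoxModel;
import com.cloudbees.plugins.credentials.common.StandardUsernameCredentials;

public abstract class ExampleHostDescriptor<T extends Describable<T>> extends Descriptor<T> {

    // BEFORE (the flaw the page describes): no permission check. Stapler routes
    // .../descriptorByName/<class>/fillCredentialsIdItemsUnchecked to this method,
    // so any user with Overall/Read receives every system-scope credential ID.
    public ListBoxModel doFillCredentialsIdItemsUnchecked(
            @QueryParameter String hypervisorHost,
            @QueryParameter String credentialsId) {
        return new StandardListBoxModel()
                .includeEmptyValue()
                .includeAs(ACL.SYSTEM, Jenkins.get(), StandardUsernameCredentials.class);
    }

    // AFTER (the fix the page describes): require Overall/Administer before listing
    // anything. Users without it only see the value already saved in the form, which
    // keeps the UI working without disclosing other credential IDs.
    public ListBoxModel doFillCredentialsIdItems(
            @QueryParameter String hypervisorHost,
            @QueryParameter String credentialsId) {
        Jenkins jenkins = Jenkins.get();
        if (!jenkins.hasPermission(Jenkins.ADMINISTER)) {
            return new StandardListBoxModel().includeCurrentValue(credentialsId);
        }
        return new StandardListBoxModel()
                .includeEmptyValue()
                .includeAs(ACL.SYSTEM, jenkins, StandardUsernameCredentials.class);
    }

    // Validation methods get the same treatment. checkPermission throws an
    // AccessDeniedException (rendered as HTTP 403) for callers lacking the permission,
    // so the validation logic below never runs for them.
    public FormValidation doCheckHypervisorHost(@QueryParameter String value) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        if (value == null || value.trim().isEmpty()) {
            return FormValidation.error("Hypervisor host must not be empty");
        }
        return FormValidation.ok();
    }
}
```

The two doFill variants differ only in the guard, which is the whole content of fixes of this class: the data the dropdown lists is looked up as SYSTEM, so the method itself, not the credential store, is the only place the caller's permission is ever evaluated. Returning includeCurrentValue rather than throwing is the convention Jenkins recommends for doFill methods, because these are called by the configuration page as it renders; doCheck methods may simply throw.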


WAF Protection Rules

WAF Rule

A missing permission check in Jenkins Libvirt Slaves Plugin in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

Reasoning

The vulnerability stems from missing permission checks in form validation methods (annotated with @QueryParameter). The GitHub patch adds `Jenkins.ADMINISTER` checks to these specific functions, which handle credential-related operations. These metho