
CVE-2020-2211: RCE vulnerability in ElasticBox Jenkins Kubernetes CI/CD Plugin

CVSS Score: 8.8 (CVSS 3.1)

Basic Information

EPSS Score
0.73202%
Published
5/24/2022
Updated
1/28/2023
KEV Status
No
Technology
Java

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Package Name: com.elasticbox.jenkins-ci.plugins:kubernetes-ci
Ecosystem: maven
Vulnerable Versions: <= 1.3
First Patched Version:

Vulnerability Intelligence

Miggo AI Root Cause Analysis

While exact function names or paths aren't provided in the disclosures, the root cause is clearly identified as an unsafe YAML deserialization configuration. In Java/YAML contexts this typically manifests in code that (1) uses the default YAML.load() method without type filtering, (2) fails to set a SafeConstructor, and (3) processes untrusted YAML input. The high confidence comes from the advisory's explicit statement that the parser is not configured to restrict the types it may instantiate, a known antipattern in deserialization vulnerabilities.
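The following is an added illustration of the two parser configurations the analysis above contrasts; it is not code from the ElasticBox plugin or from the advisory. It assumes the plugin-typical Java YAML library SnakeYAML (1.x, 1.32 or later for the LoaderOptions-taking SafeConstructor), and the YAML document is a constructed sample, not input taken from the vulnerable plugin.

```java
import org.yaml.snakeyaml.LoaderOptions;
import org.yaml.snakeyaml.Yaml;
import org.yaml.snakeyaml.constructor.SafeConstructor;
import org.yaml.snakeyaml.error.YAMLException;

public class YamlParserHardening {

    // Constructed sample input. A "!!" global tag is a request to instantiate
    // the named Java class; which classes are honoured is decided entirely by
    // the Constructor the Yaml instance was built with.
    static final String UNTRUSTED = "!!java.util.Properties {key: value}\n";

    // Vulnerable pattern: new Yaml() is new Yaml(new Constructor()), so any
    // class reachable on the classpath may be named in a global tag and is
    // instantiated while the document is being loaded.
    static Object parseUnsafe(String input) {
        Yaml yaml = new Yaml();
        return yaml.load(input);
    }

    // Hardened pattern: SafeConstructor only builds the standard YAML types
    // (maps, sequences, scalars) and rejects every global tag with an exception.
    static Object parseSafe(String input) {
        LoaderOptions options = new LoaderOptions();
        options.setAllowDuplicateKeys(false);
        Yaml yaml = new Yaml(new SafeConstructor(options));
        return yaml.load(input);
    }

    public static void main(String[] args) {
        Object o = parseUnsafe(UNTRUSTED);
        System.out.println("default constructor instantiated: " + o.getClass().getName());

        try {
            parseSafe(UNTRUSTED);
            System.out.println("safe constructor accepted the document (unexpected)");
        } catch (YAMLException e) {
            // Expected: "could not determine a constructor for the tag ..."
            System.out.println("safe constructor rejected the document: " + e.getMessage());
        }
    }
}
```

The only difference between the two methods is the Constructor passed to Yaml, which is exactly the "parser configuration" the advisory says the plugin lacked. Note that SnakeYAML 2.x changed the default so that global tags are rejected unless a TagInspector explicitly allows them, so the unsafe branch demonstrates the pre-2.0 default behaviour; code auditing for this pattern should look for `new Yaml()` or `new Yaml(new Constructor(...))` fed with data that originates outside the application.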


WAF Protection Rules

WAF Rule

ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types. This results in a remote code execution (RCE) vulnerability exploitable by users able to provide YAML input.
