5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2020-2288

CVE-2020-2288: Incorrect default pattern in Jenkins Audit Trail Plugin

Jenkins Audit Trail Plugin uses regular expressions to match requested URLs whose dispatch should be logged.

In Jenkins Audit Trail Plugin 3.6 and earlier, the default regular expression pattern could be bypassed in many cases by adding a suffix to the URL that would be ignored during request handling.

Jenkins Audit Trail Plugin 3.7 changes the default regular expression pattern so that it allows for arbitrary suffixes. It automatically will replace previous default patterns with the new, more complete default pattern.

Additionally, an administrative monitor is shown if a user-specified pattern is found to be bypassable through crafted URLs and form validation was improved to recognize patterns that would not match requests with arbitrary suffixes.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2020-2288

CVE-2020-2288:

5.3

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.jenkins-ci.plugins:audit-trail	maven	< 3.7	3.7

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from two key aspects: 1) The original default regex pattern lacked proper suffix handling (e.g., no '/?.*' at the end), making it vulnerable to bypass via URL manipulation. 2) The setPattern method didn't automatically detect/replace legacy vulnerable patterns. The commit introduced BypassablePatternMonitor to detect bad patterns and modified setPattern to auto-replace legacy defaults. The pattern initialization and setPattern method were directly responsible for maintaining the vulnerable regex configuration.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

5.3

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2020-2288: Incorrect default pattern in Jenkins Audit Trail Plugin

CVE-2020-2288:

5.3

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

CVE-2020-2288: Incorrect default pattern in Jenkins Audit Trail Plugin

Basic Information

Basic Information

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

5.3

5.3

Technical Details

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI