
CVE-2021-21627: CSRF vulnerability in Jenkins Libvirt Agents Plugin

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.23143%
Published: 5/24/2022
Updated: 12/22/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name                           Ecosystem  Vulnerable Versions  First Patched Version
org.jenkins-ci.plugins:libvirt-slave   maven      <= 1.9.0             1.9.1

Vulnerability Intelligence (Miggo AI)

Root Cause Analysis

The commit diff shows the @POST annotation being added to the doControlSubmit method. The vulnerability description states that the endpoint accepted non-POST requests, which is what enabled the CSRF: Jenkins validates its CSRF crumb only on POST requests, so a state-changing handler reachable via GET can be triggered by a link or image load on an attacker-controlled page, using the victim's existing session. The method's role in VM control and the nature of the fix (restricting the HTTP verb rather than changing the VM logic) identify this method as the vulnerable component.
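The pattern described above, shown as an added illustrative example rather than the plugin's own code: a Stapler web method that controls a libvirt domain, first in the vulnerable shape (no HTTP-verb restriction) and then with the @POST annotation the fix adds. The class name HypervisorAction, the domainName/action query parameters and the stopDomain helper are assumptions made for the example; the plugin's actual signatures and parameter names are not reproduced here.

```java
import hudson.model.Action;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.HttpResponse;
import org.kohsuke.stapler.HttpResponses;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

/**
 * Illustrative Jenkins action (not the Libvirt Agents Plugin's real class).
 * Stapler binds a method named doXxx to the URL .../xxx, so both methods
 * below are reachable at .../controlSubmitVulnerable and .../controlSubmit.
 */
public class HypervisorAction implements Action {

    /*
     * Vulnerable shape (pre-1.9.1): no verb restriction, so Stapler dispatches
     * GET as well as POST to this method. Jenkins' CSRF crumb is checked only
     * on POST, so a GET issued by the victim's browser from an attacker page
     * (e.g. an <img src="https://jenkins/.../controlSubmitVulnerable?
     * domainName=build-vm&action=stop">) carries the session cookie, passes
     * the permission check below because the victim is authorised, and stops
     * the domain. Authorisation alone does not prevent CSRF.
     */
    public HttpResponse doControlSubmitVulnerable(@QueryParameter String domainName,
                                                  @QueryParameter String action) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        if ("stop".equals(action)) {
            stopDomain(domainName);
        }
        return HttpResponses.redirectToDot();
    }

    /*
     * Fixed shape: @POST makes Stapler reject any non-POST request before the
     * method body runs. The only way left to reach the handler is a POST, and
     * Jenkins' CrumbFilter then requires a valid crumb on that POST, which a
     * cross-origin page cannot obtain. @RequirePOST
     * (org.kohsuke.stapler.interceptor.RequirePOST) is the equivalent
     * Jenkins-idiomatic annotation and would work the same way.
     */
    @POST
    public HttpResponse doControlSubmit(@QueryParameter String domainName,
                                        @QueryParameter String action) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        if ("stop".equals(action)) {
            stopDomain(domainName);
        }
        return HttpResponses.redirectToDot();
    }

    // Assumed helper standing in for the libvirt call; body is out of scope here.
    private void stopDomain(String domainName) {
        // e.g. look up the hypervisor connection and call domain.destroy()
    }

    @Override public String getIconFileName() { return "computer.png"; }
    @Override public String getDisplayName() { return "Hypervisor control"; }
    @Override public String getUrlName() { return "hypervisor"; }
}
```

To check a deployed plugin for this class of issue, request the form-submission endpoint with GET while logged in: on the vulnerable version the action is performed, on a fixed version Stapler refuses to dispatch the request to the handler. The same review applies to any doXxx method that changes state: it should carry @POST or @RequirePOST, or the page that calls it should be a proper crumb-bearing form, never a plain link.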

WAF Protection Rules

WAF Rule

Jenkins Libvirt Agents Plugin 1.9.0 and earlier does not require POST requests for a form submission endpoint, resulting in a cross-site request forgery (CSRF) vulnerability. This vulnerability allows attackers to stop hypervisor domains. Jenkins L
