8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-21633

GHSA ID

GHSA-v7xh-h48c-xw5f

EPSS Score

0.23143%

CWE

CWE-352

Published

5/24/2022

Updated

12/7/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2021-21633

CVE-2021-21633: CSRF vulnerability and in Jenkins OWASP Dependency-Track Plugin allow capturing credentials

Jenkins OWASP Dependency-Track Plugin 3.1.0 and earlier does not perform permission checks in several HTTP endpoints.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing "Secret text" credentials stored in Jenkins. If no credentials ID is specified, the globally configured credential is used, if set up, and can likewise be captured.

Additionally, these HTTP endpoints do not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Jenkins OWASP Dependency-Track Plugin 3.1.1 requires POST requests and appropriate permissions for the affected HTTP endpoints.

(GitHub Advisory)

8.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2021-21633

GHSA ID

GHSA-v7xh-h48c-xw5f

EPSS Score

0.23143%

CWE

CWE-352

Published

5/24/2022

Updated

12/7/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.jenkins-ci.plugins:dependency-track	maven	<= 3.1.0	3.1.1

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The commit diff shows these functions were modified to add @POST annotations and permission checks (Jenkins.ADMINISTER/Item.CONFIGURE). Their pre-patch versions: 1) Accepted any HTTP method (CSRFable), 2) Lacked authorization checks, 3) Handled credential-related operations. This matches the vulnerability description of unauthorized credential capture via CSRF. The Jelly UI changes enforcing POST align with the endpoint hardening.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins OW*SP **p*n**n*y-Tr**k Plu*in *.*.* *n* **rli*r *o*s not p*r*orm p*rmission ****ks in s*v*r*l *TTP *n*points. T*is *llows *tt**k*rs wit* Ov*r*ll/R*** p*rmission to *onn**t to *n *tt**k*r-sp**i*i** URL usin* *tt**k*r-sp**i*i** *r***nti*ls I*s

Reasoning

T** *ommit *i** s*ows t**s* *un*tions w*r* mo*i*i** to *** @POST *nnot*tions *n* p*rmission ****ks (`J*nkins.**MINIST*R`/`It*m.*ON*I*UR*`). T**ir pr*-p*t** v*rsions: *) ****pt** *ny *TTP m*t*o* (`*SR***l*`), *) L**k** *ut*oriz*tion ****ks, *) **n*l**

8.8

Basic Information

Concerned about an active attack path?

CVE-2021-21633: CSRF vulnerability and in Jenkins OWASP Dependency-Track Plugin allow capturing credentials

8.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI