4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-20614

GHSA ID

GHSA-558x-h7rg-997v

EPSS Score

0.83777%

CWE

CWE-732

Published

1/13/2022

Updated

12/27/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-20614

CVE-2022-20614:
Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin

Jenkins Mailer Plugin prior to 408.vd726a_1130320 and 1.34.2 does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read access to use the DNS used by the Jenkins instance to resolve an attacker-specified hostname.

Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

Mailer Plugin 408.vd726a_1130320 and 1.34.2 requires POST requests and Overall/Administer permission for the affected form validation method.

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-20614

GHSA ID

GHSA-558x-h7rg-997v

EPSS Score

0.83777%

CWE

CWE-732

Published

1/13/2022

Updated

12/27/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.jenkins-ci.plugins:mailer	maven	>= 391.ve4a38c1bcf4b, < 408.vd726a	408.vd726a
org.jenkins-ci.plugins:mailer	maven	< 1.34.2	1.34.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly states the form validation() method lacked permission checks and CSRF protections. The commit diff shows the vulnerable method was renamed from doCheckSmtpServer to doCheckSmtpHost, with added permission checks (Jenkins.get().checkPermission) and @RequirePOST annotation. Tests verify unauthorized users get blocked, confirming this was the attack vector.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins M*il*r Plu*in prior to ***.v*****_******* *n* *.**.* *o*s not p*r*orm * p*rmission ****k in * m*t*o* impl*m*ntin* *orm v*li**tion. T*is *llows *tt**k*rs wit* Ov*r*ll/R*** ****ss to us* t** *NS us** *y t** J*nkins inst*n** to r*solv* *n *tt**

Reasoning

T** vuln*r**ility **s*ription *xpli*itly st*t*s t** *orm `v*li**tion()` m*t*o* l**k** p*rmission ****ks *n* *SR* prot**tions. T** *ommit *i** s*ows t** vuln*r**l* m*t*o* w*s r*n*m** *rom `*o****kSmtpS*rv*r` to `*o****kSmtp*ost`, wit* ***** p*rmission

4.3

Basic Information

Concerned about an active attack path?

CVE-2022-20614: Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2022-20614:
Incorrect Permission Assignment for Critical Resource in Jenkins Mailer Plugin

Vulnerability Intelligence
Miggo AI