Miggo Logo
Miggo Vulnerability Database
CVE-2022-20620

CVE-2022-20620: Missing permission checks in SSH Agent Plugin allow enumerating credentials IDs

4.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2022-20620
GHSA ID
GHSA-9wxh-jjj5-67cv
EPSS Score
0.75657%
CWE
CWE-668
Published
1/13/2022
Updated
12/27/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.jenkins-ci.plugins:ssh-agentmaven>= 1.23, < 1.23.21.23.2
org.jenkins-ci.plugins:ssh-agentmaven< 1.22.11.22.1

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from missing authorization checks in HTTP endpoints handling credential enumeration. The commit diff shows both methods were modified to add ACL checks using AccessControlled and CredentialsProvider.VIEW permissions. The added Security2189Test.java confirms these were the vulnerable endpoints by testing permission enforcement scenarios. The functions' pre-patch versions allowed credential ID leakage to users with only Overall/Read access, violating CWE-862 (Missing Authorization).

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins SS* ***nt Plu*in prior to *.**.* *n* *.**.* *o*s not p*r*orm p*rmission ****ks in s*v*r*l *TTP *n*points. T*is *llows *tt**k*rs wit* Ov*r*ll/R*** ****ss to *num*r*t* *r***nti*ls I*s o* *r***nti*ls stor** in J*nkins. T*os* **n ** us** *s p*rt

Reasoning

T** vuln*r**ility st*ms *rom missin* *ut*oriz*tion ****ks in *TTP *n*points **n*lin* *r***nti*l *num*r*tion. T** *ommit *i** s*ows *ot* m*t*o*s w*r* mo*i*i** to *** **L ****ks usin* ****ss*ontroll** *n* *r***nti*lsProvi**r.VI*W p*rmissions. T** *****