
CVE-2022-25207: CSRF vulnerability in Jenkins Chef Sinatra Plugin allows XXE

CVSS Score: 8.8 (CVSS v3.1)

Basic Information

EPSS Score: 0.22656%
Published: 2/16/2022
Updated: 10/27/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected package
Package Name: org.jenkins-ci.plugins:sinatra-chef-builder
Ecosystem: maven
Vulnerable Versions: <= 1.20
First Patched Version: (none listed)

Vulnerability Intelligence
Miggo AI Root Cause Analysis

The vulnerability description identifies a method implementing form validation that carries three flaws at once: no permission check, no POST requirement, and unsafe XML parsing. In Jenkins plugins, form validation is normally implemented by doCheck* methods on a Descriptor, which Stapler exposes as web endpoints of the Jenkins instance. The missing permission check means any user holding Overall/Read can reach the endpoint; the missing POST requirement means the endpoint also answers a cross-site GET, so an attacker can drive it through the browser of a logged-in user (CSRF); and a default-configured XML parser resolves external entities, so the XML that the endpoint parses can carry an XXE payload. Together these let an attacker with Overall/Read permission, or an attacker who can lure such a user to a crafted page, make Jenkins send an HTTP request to an attacker-controlled URL and parse XML from that interaction.
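The following is an added illustrative example, not the Chef Sinatra plugin's own code: a Jenkins Descriptor with a form-validation endpoint written the vulnerable way described above (no permission check, no POST requirement, default XML parser) next to a hardened version of the same endpoint. The class, field and method names (ExampleXmlFetchBuilder, doCheckEndpoint, doCheckEndpointVulnerable, hardenedFactory) are hypothetical; the Jenkins and Stapler APIs used (@RequirePOST, @QueryParameter, FormValidation, Jenkins.get().checkPermission) and the XML parser feature URIs are real.

```java
// Added illustrative example, not code from the Chef Sinatra plugin.
// Class, field and method names are hypothetical.
import hudson.Extension;
import hudson.model.AbstractProject;
import hudson.tasks.BuildStepDescriptor;
import hudson.tasks.Builder;
import hudson.util.FormValidation;
import java.io.InputStream;
import java.net.URL;
import javax.xml.parsers.DocumentBuilderFactory;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;
import org.w3c.dom.Document;

public class ExampleXmlFetchBuilder extends Builder {

    @Extension
    public static final class DescriptorImpl extends BuildStepDescriptor<Builder> {

        @Override
        public boolean isApplicable(Class<? extends AbstractProject> jobType) {
            return true;
        }

        @Override
        public String getDisplayName() {
            return "Example XML fetch (illustrative)";
        }

        // VULNERABLE pattern. Stapler routes
        //   GET /descriptorByName/<fqcn>/checkEndpointVulnerable?url=...
        // to this method. Three flaws: no permission check (any Overall/Read
        // user may call it), no @RequirePOST (a cross-site GET reaches it, so
        // a victim's browser can be made to trigger it: CSRF), and a
        // default-configured DocumentBuilderFactory that resolves external
        // entities (XXE in whatever XML the server parses).
        public FormValidation doCheckEndpointVulnerable(@QueryParameter String url) {
            try (InputStream in = new URL(url).openStream()) {
                Document doc = DocumentBuilderFactory.newInstance()
                        .newDocumentBuilder().parse(in);
                return FormValidation.ok("Root element: "
                        + doc.getDocumentElement().getTagName());
            } catch (Exception e) {
                return FormValidation.error("Could not fetch or parse: " + e.getMessage());
            }
        }

        // HARDENED version of the same endpoint. @RequirePOST makes Stapler
        // reject GET and lets Jenkins enforce its CSRF crumb; checkPermission
        // stops read-only users; the parser has DTDs and external entities off.
        @RequirePOST
        public FormValidation doCheckEndpoint(@QueryParameter String url) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            try (InputStream in = new URL(url).openStream()) {
                Document doc = hardenedFactory().newDocumentBuilder().parse(in);
                return FormValidation.ok("Root element: "
                        + doc.getDocumentElement().getTagName());
            } catch (Exception e) {
                return FormValidation.error("Could not fetch or parse: " + e.getMessage());
            }
        }

        // Parser configuration that refuses DOCTYPEs and does not load
        // external general/parameter entities or external DTDs, so an
        // attacker-supplied document cannot read local files or make the
        // server issue further requests during parsing.
        static DocumentBuilderFactory hardenedFactory() throws Exception {
            DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
            f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            f.setFeature("http://xml.org/sax/features/external-general-entities", false);
            f.setFeature("http://xml.org/sax/features/external-parameter-entities", false);
            f.setFeature("http://apache.org/xml/features/nonvalidating/load-external-dtd", false);
            f.setXIncludeAware(false);
            f.setExpandEntityReferences(false);
            return f;
        }
    }
}
```

Which permission the hardened endpoint should demand depends on what the validation does; Jenkins.ADMINISTER is used here only to make the contrast with Overall/Read obvious, and a job-scoped check such as Item/Configure on the current project is the usual choice for per-job configuration forms. The three fixes are independent: removing any one of them leaves the corresponding flaw (missing permission check, CSRF, or XXE) in place.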


WAF Protection Rules

WAF Rule

Jenkins Chef Sinatra Plugin 1.20 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to have Jenkins send an HTTP request to an attacker-controlled URL and have