Miggo Logo
Miggo Vulnerability Database
CVE-2022-34815

CVE-2022-34815: Cross-Site Request Forgery in Jenkins Request Rename Or Delete Plugin

4.3

CVSS Score
3.1

Basic Information

CVE ID
CVE-2022-34815
GHSA ID
GHSA-qq85-8g89-r5rc
EPSS Score
0.25402%
CWE
CWE-352
Published
7/1/2022
Updated
2/2/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.jenkins-ci.plugins:rrodmaven<= 1.1.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The CVE description and Jenkins advisory explicitly state the vulnerability stems from missing CSRF protection (POST requirement) on an endpoint that accepts pending requests. In Jenkins plugin architecture, such actions are typically handled by 'doX' methods in controller classes. The lack of POST enforcement implies the handler method (e.g., doAccept) does not validate the request method or CSRF token, making it vulnerable to forged GET/POST requests from malicious sites.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

* *ross-sit* r*qu*st *or**ry (*SR*) vuln*r**ility in J*nkins R*qu*st R*n*m* Or **l*t* Plu*in *.*.* *n* **rli*r *llows *tt**k*rs to ****pt p*n*in* r*qu*sts, t**r**y r*n*min* or **l*tin* jo*s.

Reasoning

T** *V* **s*ription *n* J*nkins **visory *xpli*itly st*t* t** vuln*r**ility st*ms *rom missin* *SR* prot**tion (POST r*quir*m*nt) on *n *n*point t**t ****pts p*n*in* r*qu*sts. In J*nkins plu*in *r**it**tur*, su** **tions *r* typi**lly **n*l** *y '*oX