Miggo Logo
Book a Demo
Miggo Vulnerability Database
CVE-2022-36908

CVE-2022-36908:
CSRF vulnerability in Jenkins OpenShift Deployer Plugin

5.4

CVSS Score

Basic Information

CVE ID
CVE-2022-36908
GHSA ID
GHSA-5mv2-vqq7-mq5h
EPSS Score
-
CWE
CWE-352
Published
7/28/2022
Updated
1/28/2023
KEV Status
No
Technology
TechnologyJava

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Package NameEcosystemVulnerable VersionsFirst Patched Version
org.jenkins-ci.plugins:openshift-deployermaven<= 1.2.0

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability explicitly states that 1) form validation methods lacked permission checks and 2) didn't require POST requests. In Jenkins plugin architecture, form validation is typically implemented through doCheck* methods in Descriptor classes. The combination of missing permission verification (allowing attackers with Overall/Read access) and missing HTTP method restrictions (enabling CSRF via GET) matches the described attack vectors of file existence checks and SSH key exfiltration.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

Op*nS*i*t **ploy*r Plu*in *.*.* *n* **rli*r *o*s not p*r*orm p*rmission ****ks in m*t*o*s impl*m*ntin* *orm v*li**tion. T**s* *orm v*li**tion m*t*o*s *o not r*quir* POST r*qu*sts, r*sultin* in * *ross-sit* r*qu*st *or**ry (*SR*) vuln*r**ility.

Reasoning

T** vuln*r**ility *xpli*itly st*t*s t**t *) *orm v*li**tion m*t*o*s l**k** p*rmission ****ks *n* *) *i*n't r*quir* POST r*qu*sts. In J*nkins plu*in *r**it**tur*, *orm v*li**tion is typi**lly impl*m*nt** t*rou** *o****k* m*t*o*s in **s*riptor *l*ss*s.