
CVE-2023-24447: Cross-site request forgery vulnerability in Jenkins RabbitMQ Consumer Plugin

CVSS Score: 8.8 (CVSS 3.1)

Basic Information

EPSS Score: 0.40969%
Published: 1/26/2023
Updated: 2/3/2023
KEV Status: No
Technology: Java

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.jenkins-ci.plugins:rabbitmq-consumer | maven | <= 2.8 | |

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability description explicitly mentions two issues: 1) a missing permission check in form validation methods, and 2) a CSRF vulnerability caused by a missing POST requirement. In Jenkins plugins, form validation methods such as doCheck* are typically exposed to CSRF when they are not protected by @RequirePOST. The endpoint that validates a connection to an AMQP(S) URL would logically live in the descriptor's connection check method. The exact code is not available, but established Jenkins security patterns strongly suggest this is where the issue is located.
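As an added illustration (not the RabbitMQ Consumer Plugin's code, which this page does not show), here is a hypothetical Jenkins descriptor with a form-validation method written both ways the analysis contrasts: an unprotected doCheck-style method that answers any HTTP verb with no authorization, and the hardened form that requires POST and a permission check. All class and method names are invented for the example.

```java
import hudson.Extension;
import hudson.model.Describable;
import hudson.model.Descriptor;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.interceptor.RequirePOST;

/** Hypothetical global configuration object; illustration only, not the plugin's code. */
public class ExampleBrokerConfig implements Describable<ExampleBrokerConfig> {

    @Override
    public Descriptor<ExampleBrokerConfig> getDescriptor() {
        return Jenkins.get().getDescriptorOrDie(getClass());
    }

    @Extension
    public static final class DescriptorImpl extends Descriptor<ExampleBrokerConfig> {

        // BEFORE: the pattern the analysis describes. Stapler exposes this method as a
        // web endpoint and serves it on any verb, including GET, with no authorization,
        // so a page a logged-in user merely visits can make the controller open an
        // outbound connection with caller-chosen broker URL and credentials.
        public FormValidation doCheckConnectionUnsafe(@QueryParameter String url,
                                                      @QueryParameter String username,
                                                      @QueryParameter String password) {
            return tryConnect(url, username, password);
        }

        // AFTER: the two controls whose absence the advisory names. @RequirePOST refuses
        // GET (so a cross-site link or image tag cannot trigger it) and, with Jenkins
        // CSRF protection enabled, the POST must carry a valid crumb; checkPermission
        // keeps low-privilege users away from the endpoint entirely.
        @RequirePOST
        public FormValidation doCheckConnection(@QueryParameter String url,
                                                @QueryParameter String username,
                                                @QueryParameter String password) {
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
            return tryConnect(url, username, password);
        }

        // Placeholder for the real broker probe; only validates the scheme here.
        private FormValidation tryConnect(String url, String username, String password) {
            if (url == null || !(url.startsWith("amqp://") || url.startsWith("amqps://"))) {
                return FormValidation.error("URL must use the amqp:// or amqps:// scheme");
            }
            // Real code would open the connection here and report success or failure.
            return FormValidation.ok("Connection settings look valid");
        }
    }
}
```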


WAF Protection Rules

WAF Rule

A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer Plugin 2.8 and earlier allows attackers to connect to an attacker-specified AMQP(S) URL using attacker-specified username and password.
