4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-32999

GHSA ID

GHSA-2c5c-fhr8-pwh9

EPSS Score

0.3397%

CWE

CWE-276

Published

5/16/2023

Updated

11/7/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-32999

CVE-2023-32999: Jenkins AppSpider Plugin missing permission check

Jenkins AppSpider Plugin 1.0.15 and earlier does not perform a permission check in a method implementing form validation.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL and send an HTTP POST request with a JSON payload consisting of attacker-specified credentials.

Additionally, this form validation method does not require POST requests, resulting in a cross-site request forgery (CSRF) vulnerability.

AppSpider Plugin 1.0.16 requires POST requests and Overall/Administer permission for the affected form validation method.

(GitHub Advisory)

4.3

CVSS Score

3.1

Basic Information

CVE ID

CVE-2023-32999

GHSA ID

GHSA-2c5c-fhr8-pwh9

EPSS Score

0.3397%

CWE

CWE-276

Published

5/16/2023

Updated

11/7/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
com.rapid7:jenkinsci-appspider-plugin	maven	<= 1.0.15	1.0.16

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability description explicitly mentions a missing permission check in a form validation method and CSRF vulnerability due to missing POST enforcement. In Jenkins plugins, form validation methods typically follow the 'do[Action]' naming pattern in DescriptorImpl classes. The combination of credential validation functionality and the described attack vector strongly suggests this method was responsible for server connection validation. The high confidence comes from: 1) Standard Jenkins plugin architecture patterns 2) Direct match with the vulnerability's technical description 3) The patched version's requirements aligning with typical fixes for such methods (adding @RequirePOST and permission checks)

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins *ppSpi**r Plu*in *.*.** *n* **rli*r *o*s not p*r*orm * p*rmission ****k in * m*t*o* impl*m*ntin* *orm v*li**tion. T*is *llows *tt**k*rs wit* Ov*r*ll/R*** p*rmission to *onn**t to *n *tt**k*r-sp**i*i** URL *n* s*n* *n *TTP POST r*qu*st wit* *

Reasoning

T** vuln*r**ility **s*ription *xpli*itly m*ntions * missin* p*rmission ****k in * *orm `v*li**tion` m*t*o* *n* *SR* vuln*r**ility *u* to missin* `POST` *n*or**m*nt. In `J*nkins` plu*ins, *orm `v*li**tion` m*t*o*s typi**lly *ollow t** '*o[**tion]' n*m

4.3

Basic Information

Concerned about an active attack path?

CVE-2023-32999: Jenkins AppSpider Plugin missing permission check

4.3

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI