6.5

CVSS Score

Basic Information

CVE ID

CVE-2023-37944

GHSA ID

GHSA-w3p4-7823-m33q

EPSS Score

CWE

CWE-862

Published

7/12/2023

Updated

11/7/2023

KEV Status

Technology

Java

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2023-37944

CVE-2023-37944:
Jenkins Datadog Plugin does not perform a permission check in an HTTP endpoint.

Jenkins Datadog Plugin 5.4.1 and earlier does not perform a permission check in an HTTP endpoint.

This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

Datadog Plugin 5.4.2 requires Overall/Administer permission to access the affected HTTP endpoint.

(GitHub Advisory)

6.5

CVSS Score

Basic Information

CVE ID

CVE-2023-37944

GHSA ID

GHSA-w3p4-7823-m33q

EPSS Score

CWE

CWE-862

Published

7/12/2023

Updated

11/7/2023

KEV Status

Technology

Java

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
org.datadog.jenkins.plugins:datadog	maven	< 5.4.2	5.4.2

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability centers on an unauthenticated HTTP endpoint. Jenkins plugin endpoints typically use 'do[Action]' naming conventions in configuration classes. The credential exfiltration would require a connection testing mechanism, making doTestConnection the logical vulnerable endpoint. The patch would have added a checkPermission(Jenkins.ADMINISTER) call in this method, which aligns with the advisory's mitigation description. While the exact code isn't shown, Jenkins security patterns and the vulnerability description strongly indicate this as the affected endpoint handler.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

J*nkins **t**o* Plu*in *.*.* *n* **rli*r *o*s not p*r*orm * p*rmission ****k in *n *TTP *n*point. T*is *llows *tt**k*rs wit* Ov*r*ll/R*** p*rmission to *onn**t to *n *tt**k*r-sp**i*i** URL usin* *tt**k*r-sp**i*i** *r***nti*ls I*s o*t*in** t*rou** *n

Reasoning

T** vuln*r**ility **nt*rs on *n un*ut**nti**t** *TTP *n*point. J*nkins plu*in *n*points typi**lly us* '*o[**tion]' n*min* *onv*ntions in *on*i*ur*tion *l*ss*s. T** *r***nti*l *x*iltr*tion woul* r*quir* * *onn**tion t*stin* m****nism, m*kin* *oT*st*on

6.5

Basic Information

Concerned about an active attack path?

CVE-2023-37944: Jenkins Datadog Plugin does not perform a permission check in an HTTP endpoint.

6.5

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2023-37944:
Jenkins Datadog Plugin does not perform a permission check in an HTTP endpoint.

Vulnerability Intelligence
Miggo AI