CVE-2023-37947: Jenkins OpenShift Login Plugin vulnerable to Open Redirect
CVSS Score: 4.3 (CVSS v3.1)
Basic Information
CVE ID: CVE-2023-37947
GHSA ID:
EPSS Score: 0.19012%
CWE:
Published: 7/12/2023
Updated: 11/8/2023
KEV Status: No
Technology: Java
Technical Details
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| org.openshift.jenkins:openshift-login | maven | < 1.1.0.230.v5d7030b | 1.1.0.230.v5d7030b |
Vulnerability Intelligence
Miggo AI
Root Cause Analysis
The vulnerability centers on improper validation of the redirect target during the OAuth2 login flow. The doFinishLogin method is the logical endpoint that handles authentication completion, where the redirect parameter is processed, and the getRedirectUrl helper would be involved in constructing the URL. Patches would have modified these to add validation (for example, checking that the target is a relative URL), whereas vulnerable versions process the 'from' parameter without sufficient checks. These functions would appear in stack traces when malicious redirect parameters are processed during authentication flows.
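The mitigation the analysis describes, restricting a post-login redirect to a relative URL, is illustrated below. This is an added example written for this page; it is not code from the OpenShift Login Plugin or from Jenkins, and the class and method names (RedirectTargetCheck, isSafeRelativeTarget, resolveRedirect) and the sample inputs in main are constructed for the illustration. It uses only java.net.URI from the standard library and shows why a bare "starts with /" check is not enough: scheme-relative targets like "//host" and backslash variants also have to be refused.

```java
import java.net.URI;
import java.net.URISyntaxException;

/** Validates a user-supplied redirect target (e.g. a 'from' parameter) before issuing a redirect. */
public final class RedirectTargetCheck {

    /**
     * Returns true only if target is an absolute-path reference on the current
     * origin: no scheme, no authority, no control characters, no backslashes.
     */
    public static boolean isSafeRelativeTarget(String target) {
        if (target == null || target.isEmpty()) {
            return false;
        }
        // Control characters (CR, LF, NUL, ...) can split headers or be
        // normalised differently by browsers; refuse them outright.
        for (int i = 0; i < target.length(); i++) {
            char c = target.charAt(i);
            if (c < 0x20 || c == 0x7f) {
                return false;
            }
        }
        // Require an absolute-path reference: exactly one leading slash.
        if (!target.startsWith("/")) {
            return false;
        }
        // "//host/..." is a scheme-relative URL that leaves the origin, and
        // browsers normalise "/\host" to the same thing.
        if (target.startsWith("//") || target.startsWith("/\\")) {
            return false;
        }
        // Backslashes are not valid in URIs and are a common normalisation trick.
        if (target.indexOf('\\') >= 0) {
            return false;
        }
        try {
            URI uri = new URI(target);
            // The parsed form must carry neither a scheme nor an authority
            // (host, port or userinfo) and must still have a path.
            return uri.getScheme() == null
                    && uri.getRawAuthority() == null
                    && uri.getRawPath() != null;
        } catch (URISyntaxException e) {
            return false;
        }
    }

    /** Returns the requested target if it is safe, otherwise a fixed fallback on this origin. */
    public static String resolveRedirect(String from, String fallback) {
        return isSafeRelativeTarget(from) ? from : fallback;
    }

    public static void main(String[] args) {
        // Constructed sample inputs: the first two are legitimate in-site paths,
        // the rest are the shapes an open-redirect check has to reject.
        String[] inputs = {
            "/job/build/42/",
            "/?next=1",
            "https://attacker.example/",
            "//attacker.example/x",
            "/\\attacker.example",
            "/path\r\nSet-Cookie: x=y",
            null
        };
        for (String in : inputs) {
            System.out.println(in + " -> " + resolveRedirect(in, "/"));
        }
    }
}
```

Only the first two inputs are returned unchanged; every other entry falls back to "/". A plugin would typically call a check like resolveRedirect at the point where the stored 'from' value is turned into the final Location header, and log the rejected value for detection purposes.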