CVE-2022-43429

Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to read arbitrary files on the Jenkins controller file system.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
http://www.openwall.com/lists/oss-security/2022/10/19/3	Mailing List Third Party Advisory
https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2624	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:jenkins:compuware_topaz_for_total_test:*:*:*:*:*:jenkins:*:*

OR	cpe:2.3:a:jenkins:jenkins:::::lts:::*
	cpe:2.3:a:jenkins:jenkins:::::-:::*

History

No history.

Information

Published : 2022-10-19 16:15

Updated : 2023-11-03 01:41

NVD link : CVE-2022-43429

Mitre link : CVE-2022-43429

CVE.ORG link : CVE-2022-43429

JSON object : View

Products Affected

jenkins

jenkins
compuware_topaz_for_total_test

CWE

NVD-CWE-noinfo

{"id": "CVE-2022-43429", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2022-10-19T16:15:11.730", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "jenkinsci-cert@googlegroups.com"}, {"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2624", "tags": ["Vendor Advisory"], "source": "jenkinsci-cert@googlegroups.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier implements an agent/controller message that does not limit where it can be executed, allowing attackers able to control agent processes to read arbitrary files on the Jenkins controller file system."}, {"lang": "es", "value": "Jenkins Compuware Topaz for Total Test Plugin versiones 2.4.8 y anteriores, implementan un mensaje agent/controller que no limita d\u00f3nde puede ser ejecutado, permitiendo a atacantes capaces de controlar los procesos del agente leer archivos arbitrarios en el sistema de archivos del controlador de Jenkins"}], "lastModified": "2023-11-03T01:41:51.027", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:compuware_topaz_for_total_test:*:*:*:*:*:jenkins:*:*", "vulnerable": true, "matchCriteriaId": "9BBA3703-E550-492C-B952-BA184EE2C37E", "versionEndIncluding": "2.4.8"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*", "vulnerable": false, "matchCriteriaId": "988C6F39-A7CD-4CF3-8E38-A0179F078528", "versionEndIncluding": "2.303.2"}, {"criteria": "cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*", "vulnerable": false, "matchCriteriaId": "F7399F73-979B-4229-A283-53BFB4C6A768", "versionEndIncluding": "2.318"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com"}