Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control test case class names in the JUnit resources processed by the plugin.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0775 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)

    * jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)

    * jenkins: cross-site WebSocket hijacking (CVE-2024-23898)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)

    * Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0778 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can     lead to improper authorization (CVE-2020-7692)

    * maven: Block repositories using http by default (CVE-2021-26291)

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)

    * jenkins: cross-site WebSocket hijacking (CVE-2024-23898)

    * golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)

    * guava: insecure temporary directory creation (CVE-2023-2976)

    * springframework: Spring Expression DoS Vulnerability (CVE-2023-20861)

    * spring-security: Empty SecurityContext Is Not Properly Saved Upon Logout (CVE-2023-20862)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * jetty-server: OutOfMemoryError for large multipart without filename read via request.getParameter()     (CVE-2023-26048)

    * jetty-server: Cookie parsing of quoted values can exfiltrate values from other cookies (CVE-2023-26049)

    * Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)

    * jetty: Improper validation of HTTP/1 content-length (CVE-2023-40167)

    * jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)

    * jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)

    * jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin     (CVE-2023-40339)

    * jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials     (CVE-2023-40341)

    * Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)

    * Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6171 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    CVE-2023-27904 jenkins: Information disclosure through error stack traces related to agents     CVE-2023-27903 jenkins: Temporary file parameter created with insecure permissions     CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE     CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in     Pipeline: Build Step Plugin     CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin     CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE     CVE-2022-1471 jenkins-2-plugins: SnakeYaml: Constructor Deserialization Remote Code Execution     CVE-2023-24422 jenkins-2-plugins: jenkins-2-plugins/script-security: Sandbox bypass vulnerability in     Script Security Plugin     CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin     CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in     Pipeline: Build Step Plugin     CVE-2022-29599 jenkins-2-plugins: maven-shared-utils: Command injection via Commandline class     CVE-2023-39325 openshift-jenkins-2-container: golang: net/http, x/net/http2: rapid stream resets can cause     excessive work/

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0776 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * maven: Block repositories using http by default (CVE-2021-26291)

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)

    * jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE (CVE-2024-23897)

    * jenkins: cross-site WebSocket hijacking (CVE-2024-23898)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0777 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)     (CVE-2023-39325)

    * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)     (CVE-2023-44487)

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * Jenkins: Session fixation vulnerability in OpenShift Login Plugin (CVE-2023-37946)

    * jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin may approve unsandboxed scripts     (CVE-2023-40336)

    * guava: insecure temporary directory creation (CVE-2023-2976)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * jackson-databind: denial of service via cylic dependencies (CVE-2023-35116)

    * Jenkins: Open redirect vulnerability in OpenShift Login Plugin (CVE-2023-37947)

    * jenkins-plugins: cloudbees-folder: CSRF vulnerability in Folders Plugin (CVE-2023-40337)

    * jenkins-plugins: cloudbees-folder: Information disclosure in Folders Plugin (CVE-2023-40338)

    * jenkins-plugins: config-file-provider: Improper masking of credentials in Config File Provider Plugin     (CVE-2023-40339)

    * jenkins-plugins: blueocean: CSRF vulnerability in Blue Ocean Plugin allows capturing credentials     (CVE-2023-40341)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6179 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-44487)     (CVE-2023-39325)

    * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)     (CVE-2023-44487)

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6172 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    CVE-2023-27904 jenkins: Information disclosure through error stack traces related to agents     CVE-2023-27903 jenkins: Temporary file parameter created with insecure permissions     CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in     Pipeline: Build Step Plugin     CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin     CVE-2022-25857 jenkins-2-plugins: snakeyaml: Denial of Service due to missing nested depth limitation for     collections     CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE     CVE-2020-7692 jenkins-2-plugins: google-oauth-client: missing PKCE support in accordance with the RFC for     OAuth 2.0 for Native Apps can lead to improper authorization     CVE-2023-24422 jenkins-2-plugins: jenkins-2-plugins/script-security: Sandbox bypass vulnerability in     Script Security Plugin     CVE-2023-25761 jenkins-2-plugins: jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin     CVE-2023-25762 jenkins-2-plugins: jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in     Pipeline: Build Step Plugin     CVE-2022-42889 jenkins-2-plugins: apache-commons-text: variable interpolation RCE     CVE-2022-29599 jenkins-2-plugins: maven-shared-utils: Command injection via Commandline class     CVE-2023-39325 openshift-jenkins-2-container: golang: net/http, x/net/http2: rapid stream resets can cause     excessive work

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3195 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)

    * Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3198 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin     (CVE-2022-43401)

    * jenkins-plugin/workflow-cps: Sandbox bypass vulnerabilities in Pipeline: Groovy Plugin (CVE-2022-43402)

    * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin     (CVE-2022-43403)

    * jenkins-plugin/script-security: Sandbox bypass vulnerabilities in Jenkins Script Security Plugin     (CVE-2022-43404)

    * jenkins-plugin/pipeline-groovy-lib: Sandbox bypass vulnerability in Pipeline: Groovy Libraries Plugin     (CVE-2022-43405)

    * jenkins-plugin/workflow-cps-global-lib: Sandbox bypass vulnerability in Pipeline: Deprecated Groovy     Libraries Plugin (CVE-2022-43406)

    * maven: Block repositories using http by default (CVE-2021-26291)

    * SnakeYaml: Constructor Deserialization Remote Code Execution (CVE-2022-1471)

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * jenkins-plugin/pipeline-input-step: CSRF protection for any URL can be bypassed in Pipeline: Input Step     Plugin (CVE-2022-43407)

    * mina-sshd: Java unsafe deserialization vulnerability (CVE-2022-45047)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * Jenkins plugin: CSRF vulnerability in Blue Ocean Plugin (CVE-2022-30953)

    * Jenkins plugin: missing permission checks in Blue Ocean Plugin (CVE-2022-30954)

    * jenkins-plugin/pipeline-stage-view: CSRF protection for any URL can be bypassed in Pipeline: Stage View     Plugin (CVE-2022-43408)

    * jenkins-plugin/workflow-support: Stored XSS vulnerability in Pipeline: Supporting APIs Plugin     (CVE-2022-43409)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * Jenkins: Temporary file parameter created with insecure permissions (CVE-2023-27903)

    * Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3299 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * google-oauth-client: missing PKCE support in accordance with the RFC for OAuth 2.0 for Native Apps can     lead to improper authorization (CVE-2020-7692)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * kubernetes-client: Insecure deserialization in unmarshalYaml method (CVE-2021-4178)

    * jackson-databind: Possible DoS if using JDK serialization to serialize JsonNode (CVE-2021-46877)

    * springframework: Authorization Bypass in RegexRequestMatcher (CVE-2022-22978)

    * xstream: Xstream to serialise XML data was vulnerable to Denial of Service attacks (CVE-2022-40151)

    * woodstox-core: woodstox to serialise XML data was vulnerable to Denial of Service attacks     (CVE-2022-40152)

    * Apache Commons FileUpload: FileUpload DoS with excessive parts (CVE-2023-24998)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    * Jenkins: Denial of Service attack (CVE-2023-27900)

    * Jenkins: Denial of Service attack (CVE-2023-27901)

    * Jenkins: Workspace temporary directories accessible through directory browser (CVE-2023-27902)

    * Jenkins: Information disclosure through error stack traces related to agents (CVE-2023-27904)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory.

    Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution     designed for on-premise or private cloud deployments.

    This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.58. See the     following advisory for the container images for this release:

    https://access.redhat.com/errata/RHBA-2023:1867

    Security Fix(es):

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7288 advisory.

    Jenkins is a continuous integration server that monitors executions of repeated jobs, such as building a     software project or jobs run by cron.

    Security Fix(es):

    * golang: net/http, x/net/http2: rapid stream resets can cause excessive work (Rapid Reset Attack)     (CVE-2023-39325)

    * HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack)     (CVE-2023-44487)

    A Red Hat Security Bulletin which addresses further details about the Rapid Reset flaw is available in the     References section.

    * snakeyaml: Denial of Service due to missing nested depth limitation for collections (CVE-2022-25857)

    * maven-shared-utils: Command injection via Commandline class (CVE-2022-29599)

    * apache-commons-text: variable interpolation RCE (CVE-2022-42889)

    * jenkins-2-plugins/script-security: Sandbox bypass vulnerability in Script Security Plugin     (CVE-2023-24422)

    * jenkins-2-plugins/JUnit: Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

    * jenkins-2-plugins/pipeline-build-step: Stored XSS vulnerability in Pipeline: Build Step Plugin     (CVE-2023-25762)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and     other related information, refer to the CVE page(s) listed in the References section.

Tenable has extracted the preceding description block directly from the Red Hat Enterprise Linux security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1866 advisory.

  - Jenkins JUnit Plugin 1166.va_436e268e972 and earlier does not escape test case class names in JavaScript     expressions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able     to control test case class names in the JUnit resources processed by the plugin. (CVE-2023-25761)

  - Jenkins Pipeline: Build Step Plugin 2.18 and earlier does not escape job names in a JavaScript expression     used in the Pipeline Snippet Generator, resulting in a stored cross-site scripting (XSS) vulnerability     exploitable by attackers able to control job names. (CVE-2023-25762)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

The version of Jenkins Enterprise or Jenkins Operations Center running on the remote web server is 2.346.x prior to 2.346.40.0.9. It is, therefore, affected by multiple vulnerabilities including the following:

  - CSRF vulnerability and missing permission checks in Synopsys Coverity Plugin allow capturing credentials     (CVE-2023-23847, CVE-2023-23848)

  - Missing permission checks in Synopsys Coverity Plugin allow enumerating credentials IDs (CVE-2023-23850)

  - Stored XSS vulnerability in JUnit Plugin (CVE-2023-25761)

  - Stored XSS vulnerability in Pipeline: Build Step Plugin (CVE-2023-25762)

  - XSS vulnerability in bundled email templates in Email Extension Plugin (CVE-2023-25763)

  - Stored XSS vulnerability in custom email templates in Email Extension Plugin (CVE-2023-25764)

  - Script Security sandbox bypass vulnerability in Email Extension Plugin (CVE-2023-25765)

  - Missing permission checks in Azure Credentials Plugin allow enumerating credentials IDs (CVE-2023-25766)

  - CSRF vulnerability and missing permission checks in Azure Credentials Plugin (CVE-2023-25767,     CVE-2023-25768)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
194437	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0775)	Nessus	Red Hat Local Security Checks	critical
194435	RHEL 8 : Jenkins and Jenkins-2-plugins (RHSA-2024:0778)	Nessus	Red Hat Local Security Checks	critical
194410	RHEL 8 : Red Hat Product OCP Tools 4.11 Openshift Jenkins (RHSA-2023:6171)	Nessus	Red Hat Local Security Checks	critical
194395	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)	Nessus	Red Hat Local Security Checks	critical
194374	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0777)	Nessus	Red Hat Local Security Checks	critical
194368	RHEL 8 : Red Hat Product OCP Tools 4.13 OpenShift Jenkins (RHSA-2023:6179)	Nessus	Red Hat Local Security Checks	critical
194352	RHEL 8 : Red Hat Product OCP Tools 4.12 Openshift Jenkins (RHSA-2023:6172)	Nessus	Red Hat Local Security Checks	critical
194325	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3195)	Nessus	Red Hat Local Security Checks	critical
194295	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3198)	Nessus	Red Hat Local Security Checks	critical
194250	RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2023:3299)	Nessus	Red Hat Local Security Checks	critical
194224	RHEL 8 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)	Nessus	Red Hat Local Security Checks	medium
193753	RHEL 8 : Red Hat Product OCP Tools 4.14 Openshift Jenkins (RHSA-2023:7288)	Nessus	Red Hat Local Security Checks	critical
189430	RHCOS 4 : OpenShift Container Platform 4.10.58 (RHSA-2023:1866)	Nessus	Red Hat Local Security Checks	medium
171501	Jenkins Enterprise and Operations Center 2.346.x < 2.346.40.0.9 Multiple Vulnerabilities (CloudBees Security Advisory 2023-02-15)	Nessus	CGI abuses	critical

Detections

Analytics

CVE-2023-25761

medium

Tenable Plugins

critical

critical

critical

critical

critical

critical

critical

critical

critical

critical

medium

critical

medium

critical