CVE-2017-1000085

6.5MEDIUM

Key Information:

Vendor: Jenkins
Status: Subversion
Vendor: CVE Published:; 4 October 2017

Summary

Subversion Plugin connects to a user-specified Subversion repository as part of form validation (e.g. to retrieve a list of tags). This functionality improperly checked permissions, allowing any user with Item/Build permission (but not Item/Configure) to connect to any web server or Subversion server and send credentials with a known ID, thereby possibly capturing them. Additionally, this functionality did not require POST requests be used, thereby allowing the above to be performed without direct access to Jenkins via Cross-Site Request Forgery attacks.

References

http://www.securityfocus.com/bid/99574

vdb-entryx_refsource_BID

https://jenkins.io/security/advisory/2017-07-10/

x_refsource_CONFIRM

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Oct 4, 2017
Vulnerability Reserved
Jul 13, 2017