Arbitrary Code Execution in Jenkins Pipeline due to Unsanitized Library Names
CVE-2022-25183
8.8 HIGH
Key Information:
- Vendor: Jenkins
- CVE Published: 15 February 2022
Summary
The Shared Groovy Libraries Plugin for Jenkins does not sanitize the names of Pipeline libraries when it creates cache directories. An attacker with Item/Configure permissions can use a specially crafted library name to execute arbitrary code in the context of the Jenkins controller JVM. Exploitation requires that a global Pipeline library configured to use caching exists.
Affected Version(s)
Jenkins Pipeline: Shared Groovy Libraries Plugin <= 552.vd9cc05b8a2e1
Jenkins Pipeline: Shared Groovy Libraries Plugin 2.21
Jenkins Pipeline: Shared Groovy Libraries Plugin 2.21.1
CVSS V3.1
Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Timeline
Vulnerability published
Vulnerability Reserved