If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fails, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.
History

Mon, 25 Nov 2024 19:15:00 +0000

Type Values Removed Values Added
Weaknesses CWE-843

Wed, 13 Nov 2024 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Jenkins
Jenkins jenkins
Weaknesses NVD-CWE-noinfo
CPEs cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:*
cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:*
Vendors & Products Jenkins
Jenkins jenkins
Metrics cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N'}
cvssV3_1 {'score': 4.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N'}

Wed, 06 Nov 2024 02:15:00 +0000

Type Values Removed Values Added
First Time appeared Redhat
Redhat ocp Tools
CPEs cpe:/a:redhat:ocp_tools:4.12::el8
cpe:/a:redhat:ocp_tools:4.13::el8
cpe:/a:redhat:ocp_tools:4.14::el8
cpe:/a:redhat:ocp_tools:4.15::el8
Vendors & Products Redhat
Redhat ocp Tools

Thu, 03 Oct 2024 01:15:00 +0000

Type Values Removed Values Added
Title jenkins: Item creation restriction bypass vulnerability
Weaknesses CWE-1220
References
Metrics threat_severity None
cvssV3_1 {'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N'}
threat_severity Moderate

Wed, 02 Oct 2024 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Wed, 02 Oct 2024 15:45:00 +0000

Type Values Removed Values Added
Description If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fails, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.
References

MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2024-10-02T15:35:03.020Z

Updated: 2024-11-25T18:54:31.781Z

Reserved: 2024-10-01T20:59:52.483Z

Link: CVE-2024-47804

Vulnrichment

Updated: 2024-10-02T16:31:14.661Z

NVD

Status: Modified

Published: 2024-10-02T16:15:10.697

Modified: 2024-11-25T19:15:10.873

Link: CVE-2024-47804

Redhat

Severity: Moderate

Published Date: 2024-10-02T15:35:03Z

Links: CVE-2024-47804 - Bugzilla