CVE-2022-43408

{"id": "CVE-2022-43408", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2022-10-19T16:15:10.543", "references": [{"url": "http://www.openwall.com/lists/oss-security/2022/10/19/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "jenkinsci-cert@googlegroups.com"}, {"url": "https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2828", "tags": ["Vendor Advisory"], "source": "jenkinsci-cert@googlegroups.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Pipeline: Stage View Plugin 2.26 and earlier does not correctly encode the ID of 'input' steps when using it to generate URLs to proceed or abort Pipeline builds, allowing attackers able to configure Pipelines to specify 'input' step IDs resulting in URLs that would bypass the CSRF protection of any target URL in Jenkins."}, {"lang": "es", "value": "Pipeline de Jenkins: Stage View Plugin versiones 2.26 y anteriores, no codifica correctamente el ID de los pasos \"input\" cuando es usado para generar URLs para proceder o abortar construcciones de Pipeline, lo que permite a atacantes capaces de configurar Pipelines para especificar IDs de pasos de \"input\" que resulten en URLs que puedan omitir la protecci\u00f3n de tipo CSRF de cualquier URL de destino en Jenkins"}], "lastModified": "2023-11-01T20:54:03.333", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:pipeline\\:stage_view:*:*:*:*:*:jenkins:*:*", "vulnerable": true, "matchCriteriaId": "073302C7-F62F-4B15-ADD7-56CC29F1AAB6", "versionEndExcluding": "2.27"}], "operator": "OR"}]}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com"}