Request a Demo
Rewterz
Rewterz Threat Alert – Qakbot aka Pinkslipbot or Qbot Malware – Active IOCs
May 17, 2023
Rewterz
Rewterz Threat Advisory – Multiple Jenkins Azure VM Agents Plugin Vulnerabilities
May 17, 2023

Rewterz Threat Advisory – Multiple Jenkins SAML Single Sign On(SSO) Plugin Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-32995 CVSS:4.3

Jenkins SAML Single Sign On(SSO) Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to send emails vial miniOrange’s API. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

CVE-2023-32994 CVSS:4.8

Jenkins SAML Single Sign On(SSO) Plugin is vulnerable to a man-in-the-middle attack, caused by an issue with SSL/TLS certificate validation unconditionally disabled when connecting to miniOrange or the configured IdP. An attacker could exploit this vulnerability to launch a man-in-the-middle attack and gain access to the communication channel between endpoints to obtain sensitive information or further compromise the system.

CVE-2023-32993 CVSS:4.8

Jenkins SAML Single Sign On(SSO) Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations by the XML parser. By using a specially crafted XML content, an attacker could exploit this vulnerability to obtain secrets from the Jenkins controller or perform server-side request forgery attacks.

CVE-2023-32992 CVSS:7.1

Jenkins SAML Single Sign On(SSO) Plugin could allow a remote authenticated attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations by the XML parser. By using a specially crafted XML content, an attacker could exploit this vulnerability to obtain secrets from the Jenkins controller or perform server-side request forgery attacks.

CVE-2023-32991 CVSS:7.1

Jenkins SAML Single Sign On(SSO) Plugin is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to extract secrets from the Jenkins controller or server-side request forgery. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.

Impact

  • Gain Access
  • Information Disclosure

Indicators Of Compromise

CVE

  • CVE-2023-32995
  • CVE-2023-32994
  • CVE-2023-32993
  • CVE-2023-32992
  • CVE-2023-32991

Affected Vendors

Jenkins

Affected Products

  • Jenkins SAML Single Sign On(SSO) Plugin 2.0.0
  • Jenkins SAML Single Sign On(SSO) Plugin 2.1.0
  • Jenkins SAML Single Sign On(SSO) Plugin 2.0.2

Remediation

Refer to Jenkins Security Advisory for patch, upgrade or suggested workaround information.

Jenkins Security Advisory