1545904 – (CVE-2018-6356) CVE-2018-6356 jenkins: Path traversal allows access to files outside plugin resources

Bug 1545904 (CVE-2018-6356) - CVE-2018-6356 jenkins: Path traversal allows access to files outside plugin resources

Summary: CVE-2018-6356 jenkins: Path traversal allows access to files outside plugin r...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2018-6356
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1545905 1565314 1565315
Blocks:	1545912
TreeView+	depends on / blocked

Reported:	2018-02-15 19:46 UTC by Laura Pardo
Modified:	2021-10-21 19:54 UTC (History)
CC List:	11 users (show)
Fixed In Version:	jenkins weekly 2.107, jenkins LTS 2.89.4
Clone Of:
Environment:
Last Closed:	2021-10-21 19:54:45 UTC
Embargoed:

Attachments	(Terms of Use)

Description Laura Pardo 2018-02-15 19:46:00 UTC

A flaw was found in Jenkins weekly up to and including 2.106 and Jenkins LTS up to and including 2.89.3. Jenkins did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to.

On Windows, any file accessible to the Jenkins master process could be downloaded. On other operating systems, any file within the Jenkins home directory accessible to the Jenkins master process could be downloaded.


References:
https://jenkins.io/security/advisory/2018-02-14/

Comment 1 Laura Pardo 2018-02-15 19:46:27 UTC

Created jenkins tracking bugs for this issue:

Affects: fedora-all [bug 1545905]

Note You need to log in before you can comment on or make changes to this bug.