1880460 – (CVE-2020-2255) CVE-2020-2255 jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests.

Bug 1880460 (CVE-2020-2255) - CVE-2020-2255 jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests.

Summary: CVE-2020-2255 jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform...

Keywords:
Status:	CLOSED ERRATA
Alias:	CVE-2020-2255
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1881477 1881478
Blocks:	1880461
TreeView+	depends on / blocked

Reported:	2020-09-18 15:39 UTC by Michael Kaplan
Modified:	2023-09-15 00:48 UTC (History)
CC List:	11 users (show)
Fixed In Version:	blueocean 1.23.3
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2020-10-27 20:21:49 UTC
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2020:4297	0	None	None	None	2020-10-27 14:53:54 UTC
Red Hat Product Errata	RHSA-2020:5102	0	None	None	None	2020-11-17 04:38:59 UTC

Description Michael Kaplan 2020-09-18 15:39:30 UTC

Blue Ocean Plugin 1.23.2 and earlier does not perform permission checks in several HTTP endpoints implementing connection tests.
This allows attackers with Overall/Read permission to connect to an attacker-specified URL.

Comment 1 Michael Kaplan 2020-09-18 15:39:33 UTC

External References:

https://www.openwall.com/lists/oss-security/2020/09/16/3
https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961

Comment 4 Przemyslaw Roguski 2020-09-22 13:47:32 UTC

In the jenkins-2-plugins package there is shipped the Blue Ocean Plugin in version 1.10.2 (in OpenShift 4.5 and 3.11).

Comment 6 errata-xmlrpc 2020-10-27 14:53:52 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 4.6

Via RHSA-2020:4297 https://access.redhat.com/errata/RHSA-2020:4297

Comment 7 Product Security DevOps Team 2020-10-27 20:21:49 UTC

This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-2255

Comment 8 errata-xmlrpc 2020-11-17 04:38:58 UTC

This issue has been addressed in the following products:

  Red Hat OpenShift Container Platform 3.11

Via RHSA-2020:5102 https://access.redhat.com/errata/RHSA-2020:5102

Comment 9 Red Hat Bugzilla 2023-09-15 00:48:25 UTC

The needinfo request[s] on this closed bug have been removed as they have been unresolved for 500 days

Note You need to log in before you can comment on or make changes to this bug.