Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
8.8
CVSSv3

CVE-2019-1003002

Published: 22/01/2019 Updated: 25/10/2023
CVSS v2 Base Score: 6.5 | Impact Score: 6.4 | Exploitability Score: 8
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 655
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P
Subscribe to Pipeline\

Vulnerability Summary

A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 1.3.3 and previous versions in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Converter.groovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

jenkins pipeline\\ _declarative

redhat openshift container platform 3.11

Vendor Advisories

Red Hat: CVE-2019-1003002
A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin 133 and earlier in pipeline-model-definition/src/main/groovy/org/jenkinsci/plugins/pipeline/modeldefinition/parser/Convertergroovy that allows attackers with Overall/Read permission to provide a pipeline script to an HTTP endpoint that can result in arbitrary code execution on ...

Exploits

Exploit DB: Jenkins 2.137 and Pipeline Groovy Plugin 2.61 - ACL Bypass and Metaprogramming RCE (Metasploit)
## # This module requires Metasploit: metasploitcom/download # Current source: githubcom/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::FileDropper def initi ...

Github Repositories

https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc

Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)

PoC: Jenkins RCE SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative) A proof of concept to allow users with Overall/Read permission and Job/Configure (and optional Job/Build) to bypass the sandbox protection and execute arbitrary code on the Jenkins master or node Update: An article by Orange Tsai

References

NVD-CWE-Otherhttps://jenkins.io/security/advisory/2019-01-08/#SECURITY-1266https://access.redhat.com/errata/RHBA-2019:0326https://www.exploit-db.com/exploits/46572/http://www.rapid7.com/db/modules/exploit/multi/http/jenkins_metaprogramminghttp://packetstormsecurity.com/files/152132/Jenkins-ACL-Bypass-Metaprogramming-Remote-Code-Execution.htmlhttps://access.redhat.com/errata/RHBA-2019:0327https://nvd.nist.govhttps://github.com/adamyordan/cve-2019-1003000-jenkins-rce-pochttps://www.exploit-db.com/exploits/46572https://access.redhat.com/security/cve/cve-2019-1003002
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975CVE-2024-2961CVE-2024-20380XML injectionHTML injectionCVE-2024-29204CVE-2023-51795memory leakCVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook