CVE-2018-1000866

10.12.2018, 14:29

A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	LOW	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 69%

Vendor	Product	Version
jenkins	pipeline\	𝑥 ≤ 2.59
redhat	openshift_container_platform	3.11

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-269 - Improper Privilege Management
The software does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References

https://access.redhat.com/errata/RHBA-2019:0326

https://access.redhat.com/errata/RHBA-2019:0327

https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186

https://access.redhat.com/errata/RHBA-2019:0326

https://access.redhat.com/errata/RHBA-2019:0327

https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186