CVE-2020-2196

Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin.

CVSS v3 8.0 HIGH
CVSS v2.0 6.0 MEDIUM

8.0^/10

CVSS v3 : HIGH

Vector :

Exploitability : 2.1 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:P

Exploitability : 6.8 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.openwall.com/lists/oss-security/2020/06/03/3	Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2022/04/14/2	Mailing List
https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1766	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:jenkins:selenium:*:*:*:*:*:jenkins:*:*

History

01 Jun 2022, 20:42

Type	Values Removed	Values Added
References	~~(MLIST) http://www.openwall.com/lists/oss-security/2022/04/14/2 -~~	(MLIST) http://www.openwall.com/lists/oss-security/2022/04/14/2 - Mailing List

15 Apr 2022, 00:15

Type	Values Removed	Values Added
References		(MLIST) http://www.openwall.com/lists/oss-security/2022/04/14/2 -

Information

Published : 2020-06-03 13:15

Updated : 2023-12-10 13:27

NVD link : CVE-2020-2196

Mitre link : CVE-2020-2196

CVE.ORG link : CVE-2020-2196

JSON object : View

Products Affected

jenkins

selenium

CWE

CWE-352

Cross-Site Request Forgery (CSRF)

{"id": "CVE-2020-2196", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:P", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 6.4, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.1}]}, "published": "2020-06-03T13:15:11.007", "references": [{"url": "http://www.openwall.com/lists/oss-security/2020/06/03/3", "tags": ["Mailing List", "Third Party Advisory"], "source": "jenkinsci-cert@googlegroups.com"}, {"url": "http://www.openwall.com/lists/oss-security/2022/04/14/2", "tags": ["Mailing List"], "source": "jenkinsci-cert@googlegroups.com"}, {"url": "https://jenkins.io/security/advisory/2020-06-03/#SECURITY-1766", "tags": ["Vendor Advisory"], "source": "jenkinsci-cert@googlegroups.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-352"}]}], "descriptions": [{"lang": "en", "value": "Jenkins Selenium Plugin 3.141.59 and earlier has no CSRF protection for its HTTP endpoints, allowing attackers to perform all administrative actions provided by the plugin."}, {"lang": "es", "value": "Jenkins Selenium Plugin versi\u00f3n 3.141.59 y anteriores, no poseen protecci\u00f3n de CSRF para sus endpoints HTTP, lo que permite a atacantes llevar a cabo todas las acciones administrativas proporcionadas por el plugin."}], "lastModified": "2023-10-25T18:16:35.687", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:selenium:*:*:*:*:*:jenkins:*:*", "vulnerable": true, "matchCriteriaId": "DC3404A5-1053-4AAA-BB4A-54053148EBB0", "versionEndIncluding": "3.141.59"}], "operator": "OR"}]}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com"}