RETIRED: Jenkins CVE-2017-1000392 HTML Injection Vulnerability



Jenkins is prone to an HTML-injection vulnerability because it fails to properly sanitize user-supplied input.

Successful exploits will result in the execution of arbitrary attacker-supplied HTML and script code in the context of the affected application, potentially allowing the attacker to steal cookie-based authentication credentials or control how the page is rendered to the user. Other attacks are also possible.
The following products are affected:
Jenkins 2.88 and prior.
Jenkins LTS 2.73.2 and prior.
NOTE: This BID is being retired as it is a duplicate of BID 101773 (Jenkins Multiple Security Vulnerabilities).

Information

Bugtraq ID: 102826
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Published: Nov 08 2017 12:00AM
Updated: Jan 29 2018 12:00PM
Credit: Viktor Gazdag of NCC Group
Vulnerable: Jenkins-Ci Jenkins LTS 2.73.2
Jenkins-Ci Jenkins LTS 2.46.2
Jenkins-Ci Jenkins LTS 2.46.1
Jenkins-Ci Jenkins LTS 2.32.2
Jenkins-Ci Jenkins LTS 2.32.1
Jenkins-Ci Jenkins LTS 2.19.3
Jenkins-Ci Jenkins LTS 2.19.2
Jenkins-Ci Jenkins LTS 1.652.2
Jenkins-Ci Jenkins LTS 1.651.2
Jenkins-Ci Jenkins LTS 1.651.1
Jenkins-Ci Jenkins LTS 1.642.2
Jenkins-Ci Jenkins LTS 1.642.1
Jenkins-Ci Jenkins LTS 1.625.3
Jenkins-Ci Jenkins LTS 1.625.2
Jenkins-Ci Jenkins LTS 1.625.1
Jenkins-Ci Jenkins LTS 1.609.1
Jenkins-Ci Jenkins LTS 1.580.1
Jenkins-Ci Jenkins LTS 1.565.3
Jenkins-Ci Jenkins 2.73.2
Jenkins-Ci Jenkins 1.480.3
Jenkins-Ci Jenkins 1.480.2
Jenkins-Ci Jenkins 1.480.1
Jenkins-Ci Jenkins 1.409.3
Jenkins-Ci Jenkins 1.7.24
Jenkins-Ci Jenkins 2.88
Jenkins-Ci Jenkins 2.57
Jenkins-Ci Jenkins 2.56
Jenkins-Ci Jenkins 2.44
Jenkins-Ci Jenkins 2.43
Jenkins-Ci Jenkins 2.32
Jenkins-Ci Jenkins 2.31
Jenkins-Ci Jenkins 2.3
Jenkins-Ci Jenkins 2.2
Jenkins-Ci Jenkins 2.1
Jenkins-Ci Jenkins 2.0
Jenkins-Ci Jenkins 1.7.24.1
Jenkins-Ci Jenkins 1.656
Jenkins-Ci Jenkins 1.655
Jenkins-Ci Jenkins 1.654
Jenkins-Ci Jenkins 1.653
Jenkins-Ci Jenkins 1.652
Jenkins-Ci Jenkins 1.651
Jenkins-Ci Jenkins 1.650
Jenkins-Ci Jenkins 1.649
Jenkins-Ci Jenkins 1.641
Jenkins-Ci Jenkins 1.640
Jenkins-Ci Jenkins 1.638
Jenkins-Ci Jenkins 1.637
Jenkins-Ci Jenkins 1.600
Jenkins-Ci Jenkins 1.587
Jenkins-Ci Jenkins 1.578
Jenkins-Ci Jenkins 1.565.3-3
Jenkins-Ci Jenkins 1.551
Jenkins-Ci Jenkins 1.550
Jenkins-Ci Jenkins 1.532.2
Jenkins-Ci Jenkins 1.532.1
Jenkins-Ci Jenkins 1.523
Jenkins-Ci Jenkins 1.514
Jenkins-Ci Jenkins 1.513
Jenkins-Ci Jenkins 1.509.1
Jenkins-Ci Jenkins 1.509
Jenkins-Ci Jenkins 1.502
Jenkins-Ci Jenkins 1.497
Jenkins-Ci Jenkins 1.491
Jenkins-Ci Jenkins 1.482
Jenkins-Ci Jenkins 1.454
Jenkins-Ci Jenkins 1.452
Jenkins-Ci Jenkins 1.451
Jenkins-Ci Jenkins 1.447
Jenkins-Ci Jenkins 1.446
Jenkins-Ci Jenkins 1.438
Jenkins-Ci Jenkins 1.424.5.1
Jenkins-Ci Jenkins 1.424.5
Jenkins-Ci Jenkins 1.424.3
Jenkins-Ci Jenkins 1.424.2
Jenkins-Ci Jenkins 1.424.1
Jenkins-Ci Jenkins 1.408
Jenkins-Ci Jenkins 1.400.0.13
Jenkins-Ci Jenkins 1.400.0.12


Not Vulnerable: Jenkins-Ci Jenkins LTS 2.73.3
Jenkins-Ci Jenkins 2.89


Exploit


An attacker can exploit this issue using a web browser.


References:

Related Posts