1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Attack: Jenkins Script-Console Java Execution

Attack: Jenkins Script-Console Java Execution

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a vulnerability in Jenkins which could result in arbitrary code execution.

Additional Information

Jenkins is a web server application.

The application is prone to the following unspecified vulnerabilities:

1. A cross-site-scripting vulnerability occurs because it fails to sufficiently sanitize user-supplied data.

2. An arbitrary code-execution vulnerability because it fails to sufficiently sanitize user-supplied data. Attackers can exploit this issue to insert data into Jenkins master.

Note: To exploit this issue, attackers require read access to the application and HTTP access to a master.

Attackers can exploit these issues to execute arbitrary code in the context of the web server, compromise the affected application, and steal cookie-based authentication credentials from legitimate users of the site. Other attacks are also possible.

Affected

  • Jenkins versions prior to 1.482 and 1.466.2 LTS are vulnerable.

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube