Vulnerability Description
Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Overall/Read permission to download files from the Jenkins master they should not have access to. On Windows, any file accessible to the Jenkins master process could be downloaded. On other operating systems, any file within the Jenkins home directory accessible to the Jenkins master process could be downloaded.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Jenkins | Jenkins | < 2.107 |
| Oracle | Communications Cloud Native Core Automated Test Suite | 1.9.0 |
Related Weaknesses (CWE)
References
- http://www.openwall.com/lists/oss-security/2018/02/14/1Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/103037Broken LinkVDB Entry
- https://jenkins.io/security/advisory/2018-02-14/Vendor Advisory
- https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory
- http://www.openwall.com/lists/oss-security/2018/02/14/1Mailing ListThird Party Advisory
- http://www.securityfocus.com/bid/103037Broken LinkVDB Entry
- https://jenkins.io/security/advisory/2018-02-14/Vendor Advisory
- https://www.oracle.com/security-alerts/cpuapr2022.htmlPatchThird Party Advisory
FAQ
What is CVE-2018-6356?
CVE-2018-6356 is a vulnerability with a CVSS score of 6.5 (MEDIUM). Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. This allowed users with Ove...
How severe is CVE-2018-6356?
CVE-2018-6356 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-6356?
Check the references section above for vendor advisories and patch information. Affected products include: Jenkins Jenkins, Oracle Communications Cloud Native Core Automated Test Suite.