{ "threat_severity" : "Moderate", "public_date" : "2024-10-02T15:35:03Z", "bugzilla" : { "description" : "jenkins: Item creation restriction bypass vulnerability", "id" : "2316131", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2316131" }, "cvss3" : { "cvss3_base_score" : "5.3", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N", "status" : "verified" }, "cwe" : "CWE-1220", "details" : [ "If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction.", "A flaw was found in Jenkins. When attempting to create an item prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API, if either of these checks fail, Jenkins creates the item in memory and only deletes it from disk. This may allow an attacker with the Item/Configure permission to save the item, effectively bypassing the item creation restriction." ], "affected_release" : [ { "product_name" : "OCP-Tools-4.12-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8886", "cpe" : "cpe:/a:redhat:ocp_tools:4.12::el8", "package" : "jenkins-0:2.462.3.1730119132-3.el8" }, { "product_name" : "OCP-Tools-4.12-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8886", "cpe" : "cpe:/a:redhat:ocp_tools:4.12::el8", "package" : "jenkins-2-plugins-0:4.12.1730119231-1.el8" }, { "product_name" : "OCP-Tools-4.13-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8887", "cpe" : "cpe:/a:redhat:ocp_tools:4.13::el8", "package" : "jenkins-0:2.462.3.1729839924-3.el8" }, { "product_name" : "OCP-Tools-4.13-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8887", "cpe" : "cpe:/a:redhat:ocp_tools:4.13::el8", "package" : "jenkins-2-plugins-0:4.13.1729840148-1.el8" }, { "product_name" : "OCP-Tools-4.14-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8885", "cpe" : "cpe:/a:redhat:ocp_tools:4.14::el8", "package" : "jenkins-0:2.462.3.1729839727-3.el8" }, { "product_name" : "OCP-Tools-4.14-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8885", "cpe" : "cpe:/a:redhat:ocp_tools:4.14::el8", "package" : "jenkins-2-plugins-0:4.14.1729839844-1.el8" }, { "product_name" : "OCP-Tools-4.15-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8884", "cpe" : "cpe:/a:redhat:ocp_tools:4.15::el8", "package" : "jenkins-0:2.462.3.1729837947-3.el8" }, { "product_name" : "OCP-Tools-4.15-RHEL-8", "release_date" : "2024-11-05T00:00:00Z", "advisory" : "RHSA-2024:8884", "cpe" : "cpe:/a:redhat:ocp_tools:4.15::el8", "package" : "jenkins-2-plugins-0:4.15.1729838165-1.el8" } ], "package_state" : [ { "product_name" : "Red Hat Developer Hub", "fix_state" : "Not affected", "package_name" : "rhdh-operator-container", "cpe" : "cpe:/a:redhat:rhdh:1" }, { "product_name" : "Red Hat Developer Hub", "fix_state" : "Not affected", "package_name" : "rhdh/rhdh-hub-rhel9", "cpe" : "cpe:/a:redhat:rhdh:1" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-47804\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-47804\nhttps://www.jenkins.io/security/advisory/2024-10-02/#SECURITY-3448" ], "name" : "CVE-2024-47804", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }