CVE-2022-20617 The Jenkins Docker Commons Plugin 1.17 and earlier does not sanitize the name of an image or a tag, which can lead to an OS command execution vulnerability. Attackers with Item/Configure permission or control over a co

The Jenkins Docker Commons Plugin provides shared Docker support (image, tag and registry handling) that other Jenkins plugins build on. In versions 1.17 and earlier it uses the image name and tag name it is given when assembling the command line for the docker client without validating that they are well-formed references, so a crafted name becomes part of what is executed on the build host. An attacker who can supply such a name, either because they hold Item/Configure permission on a job or because they control the contents of the SCM repository the job builds from, can therefore execute OS commands on the host where the job's Docker commands run (the Jenkins agent, or the controller itself if the job runs there), with the privileges of the Jenkins process. From that position the attacker has whatever that process has: its credential store, its workspaces and the ability to tamper with every build that runs on the host. Plugins are pieces of software that extend Jenkins; users install them to add functionality that is not part of the core installation.

Resolution

Upgrade Docker Commons Plugin to version 1.18 or later, which validates image and tag names before using them; the fix was published with the Jenkins security advisory of January 12, 2022. Until the upgrade is applied, restrict Item/Configure permission to trusted users and review who can push to the repositories that affected jobs build from, since either gives an attacker the control needed to exploit the issue. Discontinuing the plugin is only an option if nothing else installed depends on it, because other Docker-related plugins use Docker Commons for their shared functionality.
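One way to check an installed controller for the affected version, as an added example (not code from the page, from Jenkins or from the plugin): the script below reads the plugin inventory that Jenkins exposes at `/pluginManager/api/json?depth=1` and flags any installed Docker Commons Plugin older than 1.18. The embedded JSON is a constructed sample rather than a real controller's output; the base URL, user and API token in `fetch_plugin_manager_json` are assumed placeholders for a live run.

```python
"""Flag installed Jenkins plugins below their first fixed version.
Shipped here for CVE-2022-20617: docker-commons 1.17 and earlier, fixed in 1.18."""
import base64
import json
import re
import urllib.request

# plugin shortName -> first version that contains the fix
FIXED_VERSIONS = {"docker-commons": "1.18"}


def parse_version(version: str) -> tuple:
    """Turn a Jenkins plugin version string into a comparable tuple.
    Handles classic versions ("1.17", "1.18.2") and the newer CD-style
    versions ("439.vb_9e5e3cf9e8e") by keeping the leading integer of each
    dot-separated component; "1.17" < "1.18" < "1.18.1" < "439.v..."."""
    parts = []
    for component in version.split("."):
        m = re.match(r"\d+", component)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def vulnerable_plugins(plugin_manager_json: str) -> list:
    """Return [(shortName, installedVersion, fixedVersion)] for every plugin in
    the pluginManager JSON whose installed version is below its fixed version."""
    data = json.loads(plugin_manager_json)
    findings = []
    for plugin in data.get("plugins", []):
        name = plugin.get("shortName")
        fixed = FIXED_VERSIONS.get(name)
        if fixed is None:
            continue
        installed = plugin.get("version", "0")
        if parse_version(installed) < parse_version(fixed):
            findings.append((name, installed, fixed))
    return findings


def fetch_plugin_manager_json(base_url: str, user: str, api_token: str) -> str:
    """Fetch the inventory from a live controller with HTTP basic auth.
    base_url/user/api_token are assumed placeholders; not used by the sample run."""
    url = base_url.rstrip("/") + "/pluginManager/api/json?depth=1"
    req = urllib.request.Request(url)
    credentials = base64.b64encode(f"{user}:{api_token}".encode()).decode()
    req.add_header("Authorization", "Basic " + credentials)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return resp.read().decode("utf-8")


# Constructed sample in the shape Jenkins returns; not output from a real controller.
SAMPLE_PLUGIN_MANAGER_JSON = json.dumps({
    "plugins": [
        {"shortName": "docker-commons", "longName": "Docker Commons Plugin",
         "version": "1.17", "active": True, "enabled": True},
        {"shortName": "git", "longName": "Git plugin",
         "version": "4.10.2", "active": True, "enabled": True},
    ]
})

if __name__ == "__main__":
    # For a live check: inventory = fetch_plugin_manager_json("https://jenkins.example", "admin", "token")
    for name, installed, fixed in vulnerable_plugins(SAMPLE_PLUGIN_MANAGER_JSON):
        print(f"{name} {installed} is affected by CVE-2022-20617; upgrade to {fixed} or later")
```

The version parser deliberately ignores everything after the leading digits of each component so that the CD-style version numbers newer Jenkins plugins use still compare sensibly against the classic ones.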

What is Jenkins?

Jenkins is an open source automation server that builds, tests and releases software. It is written in Java and runs on Linux, Windows and macOS. Jobs can be configured through the web interface or, with Pipeline, defined in a Jenkinsfile kept in source control; Pipeline offers a Declarative syntax for common cases and a Scripted syntax based on Groovy for arbitrary logic.
Integration with source control systems such as Git, Subversion, Mercurial and Perforce, and almost everything else Jenkins does beyond its core, is provided by plugins.

What is Docker?

Docker is a containerization platform: it packages an application and its dependencies into an image and runs instances of that image as containers, which are isolated from each other and from the rest of the host by kernel features such as namespaces and cgroups. The same image can be run by many users, in many environments and with different runtime configuration, which is what makes images a convenient unit for building, sharing and deploying software.
Because containers share the host kernel rather than each running under a hypervisor, they start quickly and use far fewer resources than a virtual machine, which is a large part of why Docker became one of the most widely used containerization platforms. Docker runs natively on Linux; on Windows and macOS, Docker Desktop runs Linux containers inside a lightweight virtual machine.

CI monitoring and alerting

Many DevOps tools, such as Jenkins and GitHub, are used for CI and automated deployments. Jenkins lets organizations build a software delivery pipeline with continuous integration (CI) and continuous deployment (CD), and reports build status and failures through its web interface and through notification plugins.
The problem…
Docker Commons Plugin 1.17 and earlier takes the image name and tag it is given and places them on the docker client's command line without checking that they are valid Docker references. Valid references are restricted to a small character set (lowercase path components, an optional registry host, and a tag of letters, digits, dots, underscores and hyphens), but the plugin did not enforce this, so a value carrying shell metacharacters or extra arguments could change what gets executed on the build host. Anyone who can set that value, through Item/Configure permission on a job or through control of the SCM repository from which the job reads its build configuration, can therefore run OS commands on the host where the job's Docker commands execute, with the privileges of the Jenkins process.
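An added illustration of the bug class described above and in the summary at the top of the page, not code from the plugin, from Jenkins or from the advisory (the plugin is Java; this is Python so it can be run stand-alone): `run_vulnerable` interpolates an attacker-supplied tag into a shell string, `run_hardened` validates the full reference against a regular expression that approximates Docker's image reference grammar and then launches the client with an argv array. `echo docker` stands in for the real docker binary so the commands only print what would have run; the attacker-controlled tag is a constructed sample.

```python
"""Why an unvalidated image/tag name becomes OS command execution, and the two
controls that stop it: a strict reference validator and an argv-based launch.
`echo docker` stands in for the docker client so this runs without Docker."""
import re
import subprocess

# Approximation (assumption, not copied from Docker) of the image reference grammar:
#   [registry[:port]/]path[/path...][:tag][@algorithm:hex]
_DOMAIN_COMPONENT = r"(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])"
_DOMAIN = rf"{_DOMAIN_COMPONENT}(?:\.{_DOMAIN_COMPONENT})*(?::[0-9]+)?"
_PATH_COMPONENT = r"[a-z0-9]+(?:(?:[._]|__|-+)[a-z0-9]+)*"   # lowercase only
_TAG = r"[A-Za-z0-9_][A-Za-z0-9_.-]{0,127}"
_DIGEST = r"[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*:[0-9A-Fa-f]{32,}"
IMAGE_REFERENCE_RE = re.compile(
    rf"(?:{_DOMAIN}/)?{_PATH_COMPONENT}(?:/{_PATH_COMPONENT})*(?::{_TAG})?(?:@{_DIGEST})?"
)


def is_valid_reference(ref: str) -> bool:
    """True only if the whole string is a well-formed image reference.
    fullmatch() rather than match() with '$', so a trailing newline cannot slip through."""
    return len(ref) <= 255 and IMAGE_REFERENCE_RE.fullmatch(ref) is not None


DOCKER_ARGV = ["echo", "docker"]   # stand-in for the docker client binary


def run_vulnerable(image: str, tag: str) -> str:
    """Vulnerable pattern: the reference is interpolated into a single shell string.
    Anything the shell treats specially in `tag` (; | $( ) etc.) is executed."""
    cmd = f"{' '.join(DOCKER_ARGV)} build -t {image}:{tag} ."
    return subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=False).stdout


def run_hardened(image: str, tag: str) -> str:
    """Hardened pattern: reject anything that is not a valid reference, then pass
    it as one argv element so no shell ever parses it."""
    ref = f"{image}:{tag}"
    if not is_valid_reference(ref):
        raise ValueError(f"rejected image reference: {ref!r}")
    argv = DOCKER_ARGV + ["build", "-t", ref, "."]
    return subprocess.run(argv, capture_output=True, text=True, check=False).stdout


if __name__ == "__main__":
    # Constructed attacker-controlled tag, as it might arrive from a job's
    # configuration or from a file in the repository the job builds.
    evil_tag = "latest; echo INJECTED"
    print(run_vulnerable("app", evil_tag), end="")   # second output line proves the injected command ran
    try:
        run_hardened("app", evil_tag)
    except ValueError as exc:
        print(exc)
    print(run_hardened("app", "latest"), end="")
```

Validation is the primary control and the one the fixed plugin version applies: because a valid reference cannot begin with `-` or contain whitespace or shell metacharacters, it also blocks the option-injection variant (a name parsed as a flag) that switching to an argv array alone would not.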
