CVE-2022-43427 Compuware Topaz for Total Test Plugin 2.4.8 doesn't perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to enumerate credentials IDs.

In some cases, this can lead to attackers being able to view and change Jenkins usernames and passwords. This issue does not affect systems where Jenkins is installed on a system that does not have permissions for Overall/Read. Users are advised to consider changing the Jenkins usernames and passwords on the Jenkins system and to monitor any system where Jenkins is installed for any suspicious activity. Jenkins Compuware Topaz for Total Test Plugin 2.4.8 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. In some cases, this can lead to attackers being able to view and change Jenkins usernames and passwords. This issue does not affect systems where Jenkins is installed on a system that does not have permissions for Overall/Read. Users are advised to consider changing the Jenkins usernames and passwords on the Jenkins system and to monitor any system where Jenkins is installed for any suspicious activity.

Credit where credit is due

This issue was discovered by a member of the Jenkins security team and has been confirmed to be valid by the Jenkins core development team.

Information Gathering

This issue affects systems where Jenkins is installed on a system that does not have permissions for Overall/Read.

Timeline

Published on: 10/19/2022 16:15:00 UTC
Last modified on: 10/22/2022 02:11:00 UTC

References

• https://www.jenkins.io/security/advisory/2022-10-19/#SECURITY-2623
• http://www.openwall.com/lists/oss-security/2022/10/19/3
• https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-43427