https://bugzilla.redhat.com/show_bug.cgi?id=1764369
Bug ID: 1764369
Summary: CVE-2019-10405 jenkins: Diagnostic web page exposed Cookie HTTP header
Product: Security Response
Hardware: All
OS: Linux
Status: NEW
Component: vulnerability
Keywords: Security
Severity: medium
Priority: medium
Assignee: security-response-team(a)redhat.com
Reporter: psampaio(a)redhat.com
CC: abenaiss(a)redhat.com, adam.kaplan(a)redhat.com,
aos-bugs(a)redhat.com, bmontgom(a)redhat.com,
eparis(a)redhat.com, extras-orphan(a)fedoraproject.org,
java-sig-commits(a)lists.fedoraproject.org,
jburrell(a)redhat.com, jokerman(a)redhat.com,
mizdebsk(a)redhat.com, msrb(a)redhat.com,
nstielau(a)redhat.com, sponnaga(a)redhat.com,
vbobade(a)redhat.com, wzheng(a)redhat.com
Target Milestone: ---
Classification: Other
Jenkins shows various technical details about the current user on the /whoAmI
URL, including the HTTP request headers of the request that fetched the page.
An attacker who could exploit a separate cross-site scripting vulnerability in
Jenkins could therefore fetch /whoAmI from the victim's browser (same origin,
credentials attached) and read the Cookie header's value out of the response,
even though the HttpOnly flag prevents direct access to the session cookie via
JavaScript.
References:
https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505
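The pattern described above, as an added example that is neither Jenkins code nor taken from the advisory: a diagnostic handler that echoes every request header (the vulnerable shape), a hardened version that redacts credential-bearing headers, the same-origin read an XSS payload would perform to recover the echoed Cookie value despite HttpOnly, and a probe that checks whether a live instance reflects a marker cookie. The table-row HTML format, the SENSITIVE_HEADERS list, the sample headers and the probe's use of the /whoAmI path are assumptions; the real /whoAmI markup differs.

```javascript
'use strict';
// Added example, not Jenkins code: an "echo all request headers" diagnostic
// page, its hardened form, and what attacker and defender each do with it.
// The HTML row format and the header samples are constructed for this demo.

// Headers that carry credentials and must never be echoed, even for debugging.
// Hypothetical list; extend it for your deployment (e.g. custom auth headers).
const SENSITIVE_HEADERS = new Set(['cookie', 'authorization', 'proxy-authorization']);

const ENTITIES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

function escapeHtml(s) {
  return String(s).replace(/[&<>"']/g, (c) => ENTITIES[c]);
}

function unescapeHtml(s) {
  return s.replace(/&amp;|&lt;|&gt;|&quot;|&#39;/g,
    (e) => Object.keys(ENTITIES).find((k) => ENTITIES[k] === e));
}

function escapeRegex(s) {
  return s.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
}

// Vulnerable shape: every request header, Cookie included, lands in the page.
// Escaping keeps the page itself from being an XSS sink, but the session
// cookie is still readable by any script already running on the same origin.
function renderHeadersUnsafe(headers) {
  return Object.entries(headers)
    .map(([k, v]) => `<tr><td>${escapeHtml(k)}</td><td>${escapeHtml(v)}</td></tr>`)
    .join('\n');
}

// Hardened shape: credential-bearing headers are redacted before rendering,
// so a same-origin script learns only that the header was present.
function renderHeadersSafe(headers) {
  return Object.entries(headers)
    .map(([k, v]) => {
      const shown = SENSITIVE_HEADERS.has(k.toLowerCase()) ? '[redacted]' : v;
      return `<tr><td>${escapeHtml(k)}</td><td>${escapeHtml(shown)}</td></tr>`;
    })
    .join('\n');
}

// What a same-origin XSS payload does against the unsafe page: pull one header
// value out of the rendered table. HttpOnly blocks document.cookie, but not a
// credentialed fetch of a page that prints the Cookie header back.
// Returns null when the header row is absent.
function extractHeader(html, name) {
  const re = new RegExp(`<tr><td>${escapeRegex(escapeHtml(name))}</td><td>([^<]*)</td></tr>`, 'i');
  const m = html.match(re);
  return m ? unescapeHtml(m[1]) : null;
}

// Defender-side check: did the marker cookie we sent come back in the body?
function reflectsCookie(body, marker) {
  return body.includes(marker);
}

// Live probe (hypothetical usage): send a marker cookie to <base>/whoAmI and
// report whether the response echoes it. Only runs when a URL argument is given.
async function probe(baseUrl) {
  const marker = 'probe-' + Math.random().toString(36).slice(2);
  const res = await fetch(new URL('/whoAmI', baseUrl), { headers: { Cookie: `probe=${marker}` } });
  return reflectsCookie(await res.text(), marker);
}

if (process.argv[2]) {
  probe(process.argv[2]).then((hit) =>
    console.log(hit ? 'Cookie header is reflected' : 'Cookie header is not reflected'));
}
```

Run it as `node whoami-echo.js https://jenkins.example/` to probe an instance you are authorized to test; without an argument it only defines the functions. The redaction list is deliberately a deny-list of credential headers rather than an allow-list of safe ones, which is the minimum fix; an allow-list of the few headers a diagnostic page actually needs is the stricter choice.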