CVE-2022-25186 - Vulnerability Details - OpenCVE

Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Jenkins	Hashicorp Vault

Configuration 1 [-]

cpe:2.3:a:jenkins:hashicorp_vault:*:*:*:*:*:jenkins:*:*

No data.

References

Link	Providers
https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429

History

No history.

MITRE

Status: PUBLISHED

Assigner: jenkins

Published: 2022-02-15T16:11:11

Updated: 2024-08-03T04:36:06.418Z

Reserved: 2022-02-15T00:00:00

Link: CVE-2022-25186

Vulnrichment

No data.

NVD

Status : Modified

Published: 2022-02-15T17:15:09.410

Modified: 2024-11-21T06:51:46.277

Link: CVE-2022-25186

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Jenkins HashiCorp Vault Plugin", "vendor": "Jenkins project", "versions": [{"lessThanOrEqual": "3.8.0", "status": "affected", "version": "unspecified", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "value": "Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key."}], "providerMetadata": {"orgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "shortName": "jenkins", "dateUpdated": "2023-10-24T14:19:45.224Z"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "jenkinsci-cert@googlegroups.com", "ID": "CVE-2022-25186", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Jenkins HashiCorp Vault Plugin", "version": {"version_data": [{"version_affected": "<=", "version_value": "3.8.0"}]}}]}, "vendor_name": "Jenkins project"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-693: Protection Mechanism Failure"}]}]}, "references": {"reference_data": [{"name": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429", "refsource": "CONFIRM", "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T04:36:06.418Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429"}]}]}, "cveMetadata": {"assignerOrgId": "39769cd5-e6e2-4dc8-927e-97b3aa056f5b", "assignerShortName": "jenkins", "cveId": "CVE-2022-25186", "datePublished": "2022-02-15T16:11:11", "dateReserved": "2022-02-15T00:00:00", "dateUpdated": "2024-08-03T04:36:06.418Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:jenkins:hashicorp_vault:*:*:*:*:*:jenkins:*:*", "matchCriteriaId": "14E95D87-E3F5-4EB4-BAA9-D34650987D20", "versionEndIncluding": "3.8.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Jenkins HashiCorp Vault Plugin 3.8.0 and earlier implements functionality that allows agent processes to retrieve any Vault secrets for use on the agent, allowing attackers able to control agent processes to obtain Vault secrets for an attacker-specified path and key."}, {"lang": "es", "value": "Jenkins HashiCorp Vault Plugin versiones 3.8.0 y anteriores, implementan una funcionalidad que permite a procesos del agente recuperar cualquier secreto de Vault para usarlo en el agente, permitiendo a atacantes capaces de controlar los procesos del agente obtener secretos de Vault para una ruta y clave especificadas por el atacante"}], "id": "CVE-2022-25186", "lastModified": "2024-11-21T06:51:46.277", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-02-15T17:15:09.410", "references": [{"source": "jenkinsci-cert@googlegroups.com", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Vendor Advisory"], "url": "https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2429"}], "sourceIdentifier": "jenkinsci-cert@googlegroups.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}