CVE-2013-0158
First published: Mon Jan 07 2013(Updated: )
It was reported [1] that Jenkins suffers from a vulnerability that allows an attacker with HTTP access to the server to retrieve the master cryptographic keys used by Jenkins to encrypt sensitive data in configuration files under $JENKINS_HOME, in HTML forms, the authenticate REST API access from users, and authenticating slaves connecting to the master. An attacker with this key could execute arbitrary code on the Jenkins master or impersonate arbitrary users via REST API calls. This can be somewhat mitigated, depending on certain installations: - this is only applicable on Jenkins instances that have slaves attached to them, and allow anonymous read access - regenerated API tokens, with a user can regenerate, cannot be impersonated by the attacker This is fixed upstream in version 1.498 and the LTS 1.480.2 version. In git, the fix seems to be spread across a few commits [1] <a href="https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04">https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04</a> In git, the fix seems to be spread across a few commits (those prefixed with [SECURITY-49]): <a href="https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd">https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd</a> <a href="https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5">https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5</a> <a href="https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2">https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2</a> <a href="https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04">https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04</a> <a href="https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602">https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602</a>
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| maven/org.jenkins-ci.main:jenkins-core | <1.480.2 | 1.480.2 |
| maven/org.jenkins-ci.main:jenkins-core | >=1.481<1.498 | 1.498 |
| Jenkins | <=1.480.3.1 | |
| Jenkins LTS | =1.400 | |
| Jenkins LTS | =1.401 | |
| Jenkins LTS | =1.402 | |
| Jenkins LTS | =1.403 | |
| Jenkins LTS | =1.404 | |
| Jenkins LTS | =1.405 | |
| Jenkins LTS | =1.406 | |
| Jenkins LTS | =1.407 | |
| Jenkins LTS | =1.408 | |
| Jenkins LTS | =1.409 | |
| Jenkins LTS | =1.410 | |
| Jenkins LTS | =1.411 | |
| Jenkins LTS | =1.412 | |
| Jenkins LTS | =1.413 | |
| Jenkins LTS | =1.414 | |
| Jenkins LTS | =1.415 | |
| Jenkins LTS | =1.416 | |
| Jenkins LTS | =1.417 | |
| Jenkins LTS | =1.418 | |
| Jenkins LTS | =1.419 | |
| Jenkins LTS | =1.420 | |
| Jenkins LTS | =1.421 | |
| Jenkins LTS | =1.422 | |
| Jenkins LTS | =1.423 | |
| Jenkins LTS | =1.424 | |
| Jenkins LTS | =1.425 | |
| Jenkins LTS | =1.426 | |
| Jenkins LTS | =1.427 | |
| Jenkins LTS | =1.428 | |
| Jenkins LTS | =1.429 | |
| Jenkins LTS | =1.430 | |
| Jenkins LTS | =1.431 | |
| Jenkins LTS | =1.432 | |
| Jenkins LTS | =1.433 | |
| Jenkins LTS | =1.434 | |
| Jenkins LTS | =1.435 | |
| Jenkins LTS | =1.436 | |
| Jenkins LTS | =1.437 | |
| Jenkins | =1.466.1.2 | |
| Jenkins | =1.466.2.1 | |
| Jenkins | =1.400 | |
| Jenkins | =1.424 | |
| Jenkins | =1.447 | |
| Jenkins LTS | <=1.466.2 | |
| Jenkins LTS | =1.409.1 | |
| Jenkins LTS | =1.409.2 | |
| Jenkins LTS | =1.409.3 | |
| Jenkins LTS | =1.424.1 | |
| Jenkins LTS | =1.424.2 | |
| Jenkins LTS | =1.424.3 | |
| Jenkins LTS | =1.424.4 | |
| Jenkins LTS | =1.424.5 | |
| Jenkins LTS | =1.424.6 | |
| Jenkins LTS | =1.447.1 | |
| Jenkins LTS | =1.447.2 | |
| Jenkins LTS | =1.466.1 | |
| Jenkins | =1.447.1.1 | |
| Jenkins | =1.447.2.2 | |
| Jenkins | =1.447.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://wiki.jenkins-ci.org/display/SECURITY/Jenkins+Security+Advisory+2013-01-04
- https://github.com/jenkinsci/jenkins/commit/a9aff088f327278a8873aef47fa8f80d3c5932fd
- https://github.com/jenkinsci/jenkins/commit/4895eaafca468b7f0f1a3166b2fca7414f0d5da5
- https://github.com/jenkinsci/jenkins/commit/c3d8e05a1b3d58b6c4dcff97394cb3a79608b4b2
- https://github.com/jenkinsci/jenkins/commit/3dc13b957b14cec649036e8dd517f0f9cb21fb04
- https://github.com/jenkinsci/jenkins/commit/94a8789b699132dd706021a6be1b78bc47f19602
- https://rhn.redhat.com/errata/RHSA-2013-0220.html
- https://bugzilla.redhat.com/show_bug.cgi?id=892795
- http://rhn.redhat.com/errata/RHSA-2013-0220.html
- http://www.cloudbees.com/jenkins-advisory/jenkins-security-advisory-2013-01-04.cb
- http://www.openwall.com/lists/oss-security/2013/01/07/4
- https://nvd.nist.gov/vuln/detail/CVE-2013-0158
- https://github.com/jenkinsci/jenkins/commit/48ecccc1669f325acf72953923f9d9620b2590e3
- https://github.com/jenkinsci/jenkins/commit/56e4b6e287046e4ad2a02f8bd70225a86e74bd34
- https://github.com/jenkinsci/jenkins/commit/7983ae3baea779df18862623d594744b8d285392
- https://github.com/jenkinsci/jenkins/commit/9fb6c2ca0c73b43cc2e6d08c09707ee67005e526
- https://github.com/jenkinsci/jenkins/commit/a411b0c3b32eb314d5a26b64de1b3d5db2760443
- https://github.com/jenkinsci/jenkins/commit/e401c7cfe7b28b6ff9d0893e89c2568596b96915
- https://github.com/advisories/GHSA-jwfr-h6jp-9p2g (Advisory)
Frequently Asked Questions
What is the severity of CVE-2013-0158?
CVE-2013-0158 has a severity rating that can vary but is generally considered a high-risk vulnerability due to the exposure of master cryptographic keys.
How do I fix CVE-2013-0158?
To fix CVE-2013-0158, upgrade Jenkins to version 1.480.2 or later, or to version 1.498 if you have version 1.481 or newer.
What types of systems are affected by CVE-2013-0158?
CVE-2013-0158 affects multiple versions of Jenkins and Cloudbees Jenkins, specifically versions prior to 1.480.2.
How can an attacker exploit CVE-2013-0158?
An attacker can exploit CVE-2013-0158 by gaining HTTP access to the Jenkins server, allowing them to retrieve sensitive master cryptographic keys.
What data is compromised in CVE-2013-0158?
CVE-2013-0158 compromises the master cryptographic keys used by Jenkins to encrypt sensitive data in configuration files.
- agent/type
- agent/first-publish-date
- collector/github-advisory-latest
- source/GitHub
- alias/GHSA-jwfr-h6jp-9p2g
- alias/CVE-2013-0158
- agent/software-canonical-lookup
- agent/severity
- agent/references
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- agent/author
- collector/github-advisory
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- package-manager/maven
- vendor/cloudbees
- canonical/jenkins
- version/jenkins/1.480.3.1
- vendor/jenkins
- canonical/jenkins lts
- version/jenkins lts/1.400
- version/jenkins lts/1.401
- version/jenkins lts/1.402
- version/jenkins lts/1.403
- version/jenkins lts/1.404
- version/jenkins lts/1.405
- version/jenkins lts/1.406
- version/jenkins lts/1.407
- version/jenkins lts/1.408
- version/jenkins lts/1.409
- version/jenkins lts/1.410
- version/jenkins lts/1.411
- version/jenkins lts/1.412
- version/jenkins lts/1.413
- version/jenkins lts/1.414
- version/jenkins lts/1.415
- version/jenkins lts/1.416
- version/jenkins lts/1.417
- version/jenkins lts/1.418
- version/jenkins lts/1.419
- version/jenkins lts/1.420
- version/jenkins lts/1.421
- version/jenkins lts/1.422
- version/jenkins lts/1.423
- version/jenkins lts/1.424
- version/jenkins lts/1.425
- version/jenkins lts/1.426
- version/jenkins lts/1.427
- version/jenkins lts/1.428
- version/jenkins lts/1.429
- version/jenkins lts/1.430
- version/jenkins lts/1.431
- version/jenkins lts/1.432
- version/jenkins lts/1.433
- version/jenkins lts/1.434
- version/jenkins lts/1.435
- version/jenkins lts/1.436
- version/jenkins lts/1.437
- version/jenkins/1.466.1.2
- version/jenkins/1.466.2.1
- version/jenkins/1.400
- version/jenkins/1.424
- version/jenkins/1.447
- version/jenkins lts/1.466.2
- version/jenkins lts/1.409.1
- version/jenkins lts/1.409.2
- version/jenkins lts/1.409.3
- version/jenkins lts/1.424.1
- version/jenkins lts/1.424.2
- version/jenkins lts/1.424.3
- version/jenkins lts/1.424.4
- version/jenkins lts/1.424.5
- version/jenkins lts/1.424.6
- version/jenkins lts/1.447.1
- version/jenkins lts/1.447.2
- version/jenkins lts/1.466.1
- version/jenkins/1.447.1.1
- version/jenkins/1.447.2.2
- version/jenkins/1.447.3.1