What is the severity of CVE-2022-25174?

CVE-2022-25174 has a high severity rating due to its potential to allow arbitrary OS command execution on the Jenkins controller.

How do I fix CVE-2022-25174?

To fix CVE-2022-25174, upgrade to the recommended patched versions of the Jenkins Pipeline or the affected plugins.

What are the affected Jenkins versions for CVE-2022-25174?

CVE-2022-25174 affects several versions of Jenkins, particularly those with shared Groovy libraries using the same checkout directories.

Can CVE-2022-25174 be exploited remotely?

Yes, CVE-2022-25174 can be exploited by attackers with item/configure permissions, which may potentially lead to remote code execution.

What kind of permissions are required to exploit CVE-2022-25174?

Exploitation of CVE-2022-25174 requires attackers to have item/configure permissions on the Jenkins controller.

Vulnerability/
CVE-2022-25174

high

8.8

CWE

15/2/2022

16/2/2022

3/8/2024

CVE-2022-25174: OS Command Injection

First published: Tue Feb 15 2022(Updated: )

A flaw was found in Jenkins. The JenkinsPipeline: Shared Groovy Libraries uses the same checkout directories for distinct SCMs for Pipeline libraries. This flaw allows attackers with item/configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents. This allows attackers to compromise confidentiality, integrity, and availability.

Credit: jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com jenkinsci-cert@googlegroups.com

Affected Software	Affected Version	How to fix
redhat/jenkins	<2-plugins-0:3.11.1650371376-1.el7	2-plugins-0:3.11.1650371376-1.el7
redhat/jenkins	<2-plugins-0:4.10.1647505461-1.el8	2-plugins-0:4.10.1647505461-1.el8
redhat/jenkins	<2-plugins-0:4.6.1650364520-1.el8	2-plugins-0:4.6.1650364520-1.el8
redhat/jenkins	<2-plugins-0:4.7.1648800585-1.el8	2-plugins-0:4.7.1648800585-1.el8
redhat/jenkins	<2-plugins-0:4.8.1646993358-1.el8	2-plugins-0:4.8.1646993358-1.el8
redhat/jenkins	<2-plugins-0:4.9.1647580879-1.el8	2-plugins-0:4.9.1647580879-1.el8
Jenkins Pipeline\	<=552.vd9cc05b8a2e1
maven/org.jenkins-ci.plugins.workflow:workflow-cps-global-lib	<2.18.1	2.18.1
maven/org.jenkins-ci.plugins.workflow:workflow-cps-global-lib	>=2.19<2.21.1	2.21.1
maven/org.jenkins-ci.plugins.workflow:workflow-cps-global-lib	>=544.vff04fa68714d<561.va	561.va

Remedy

https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

Frequently Asked Questions

What is the severity of CVE-2022-25174?
CVE-2022-25174 has a high severity rating due to its potential to allow arbitrary OS command execution on the Jenkins controller.
How do I fix CVE-2022-25174?
To fix CVE-2022-25174, upgrade to the recommended patched versions of the Jenkins Pipeline or the affected plugins.
What are the affected Jenkins versions for CVE-2022-25174?
CVE-2022-25174 affects several versions of Jenkins, particularly those with shared Groovy libraries using the same checkout directories.
Can CVE-2022-25174 be exploited remotely?
Yes, CVE-2022-25174 can be exploited by attackers with item/configure permissions, which may potentially lead to remote code execution.
What kind of permissions are required to exploit CVE-2022-25174?
Exploitation of CVE-2022-25174 requires attackers to have item/configure permissions on the Jenkins controller.

collector/redhat-cve
collector/nvd-index
collector/nvd-api
collector/github-advisory-latest
alias/GHSA-g9fx-6j5c-grmw
alias/CVE-2022-25174
collector/nvd-cve
collector/github-advisory
agent/type
agent/softwarecombine
agent/first-publish-date
collector/redhat-bugzilla
source/Red Hat
agent/references
agent/remedy
agent/severity
agent/weakness
agent/author
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/description
agent/event
agent/trending
agent/tags
agent/source
package-manager/redhat
vendor/jenkins
canonical/jenkins pipeline\
version/jenkins pipeline\/552.vd9cc05b8a2e1
package-manager/maven