CVE-2018-1999002

HIGH

Jenkins <2.132, <2.121.1 - Info Disclosure

Title source: llm

Description

An arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, and 2.121.1 and earlier, in the Stapler web framework's org/kohsuke/stapler/Stapler.java. It allows attackers to send crafted HTTP requests that return the contents of any file on the Jenkins master file system that the Jenkins master has access to.

Exploits (6)

exploitdb WORKING POC
by wetw0rk · python, webapps, java
https://www.exploit-db.com/exploits/46453
nomisec WORKING POC 75 stars
by wetw0rk · poc
https://github.com/wetw0rk/Exploit-Development
nomisec NO CODE
by 0x6b7966 · poc
https://github.com/0x6b7966/CVE-2018-1999002
nomisec WORKING POC
by im23pds · poc
https://github.com/im23pds/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins
nomisec WORKING POC
by slowmistio · poc
https://github.com/slowmistio/CVE-2019-1003000-and-CVE-2018-1999002-Pre-Auth-RCE-Jenkins

Scores

CVSS v3 7.5
EPSS 0.9275
EPSS Percentile 99.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published
Products (3)
jenkins/jenkins < 2.121.1
oracle/communications_cloud_native_core_automated_test_suite 1.9.0
org.jenkins-ci.main/jenkins-core 0 - 2.121.2 (Maven)
Published Jul 23, 2018
Tracked Since Feb 18, 2026