CVE-2022-45388 — Jenkins Config Rotator Plugin vulnerable to path traversal

Description

Jenkins Config Rotator Plugin 2.0.1 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing unauthenticated attackers to read arbitrary files with '.xml' extension on the Jenkins controller file system. Currently there is no known workaround and no fix available.

How to fix CVE-2022-45388

No fixed version has been published yet. Mitigate by removing the affected package or applying upstream guidance from the references below.

—no fix listed

Is CVE-2022-45388 being exploited?

Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, <= 2.0.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (4)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-45388
PATCHgithub.com/jenkinsci/config-rotator-plugin
WEBwww.jenkins.io/security/advisory/2022-11-15/#SECURITY-2842
WEBwww.openwall.com/lists/oss-security/2022/11/15/4