CVE-2019-10417

9.9 CRITICAL

📋 TL;DR

This vulnerability in the Jenkins Kubernetes Pipeline Steps Plugin lets a Pipeline script escape the Script Security (Groovy) sandbox and call arbitrary methods. Pipeline Groovy executes in the Jenkins controller JVM, so an attacker who can define or modify a Pipeline script gains code execution on the controller itself, with reach into everything the controller holds (stored credentials, job definitions, connected agents). Affects Jenkins installations with the vulnerable plugin installed and enabled.

💻 Affected Systems

Products:
  • Jenkins Kubernetes Pipeline Steps Plugin
Versions: Versions prior to 1.8.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires the vulnerable plugin to be installed and enabled, plus an attacker account that can supply a Pipeline script (for example via Job/Configure, Job/Create or Run/Replay).

📦 What is this software?

The Kubernetes Pipeline Steps Plugin (shortName kubernetes-pipeline-steps) adds Pipeline (Jenkinsfile) steps for driving Kubernetes from a Pipeline script. It is a different plugin from the widely used Kubernetes plugin (shortName kubernetes) that provides dynamic Kubernetes agents; check the shortName, not just the display name, when deciding whether you are affected.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Full compromise of the Jenkins controller: arbitrary code in the controller JVM can read every stored credential, rewrite every job definition and issue commands to every connected agent, giving the attacker a pivot into the environments the CI/CD pipelines deploy to.

🟠

Likely Case

An authenticated user who can configure a Pipeline job runs a crafted script that executes on the controller, harvests credentials, modifies other pipelines or the artifacts they produce, and disrupts CI/CD operations.

🟢

If Mitigated

With the plugin disabled or updated, Pipeline-definition rights restricted to trusted users, and the controller segmented from production and holding only the credentials its jobs need, exposure is limited to what those trusted users could already do.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an authenticated account able to supply a Pipeline script; the payload is an ordinary Pipeline script, so no extra tooling is needed. The vendor advisory linked below describes the vulnerability class; it is not a step-by-step exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.8.2

Vendor Advisory: https://jenkins.io/security/advisory/2019-09-25/#SECURITY-920%20%281%29

Restart Required: Yes

Instructions:

1. Update the Kubernetes Pipeline Steps Plugin to version 1.8.2 or later via Jenkins > Manage Jenkins > Manage Plugins.
2. Restart the Jenkins service.
3. Verify the plugin version in the Installed tab of the Plugin Manager.
4. Confirm against the vendor advisory that the installed release is listed as the fix before closing the finding. If the advisory lists no fixed release for this plugin, disabling the plugin (below) is the fix, not a stopgap.

🔧 Temporary Workarounds

Disable vulnerable plugin

Platform: all

Temporarily disable the Kubernetes Pipeline Steps Plugin if immediate patching is not possible. Disabling takes effect only after a restart, and any Pipeline that calls the plugin's steps will fail from then on, so inventory those jobs first.

Navigate to Jenkins > Manage Jenkins > Manage Plugins > Installed tab
Find the 'Kubernetes Pipeline Steps' plugin (shortName kubernetes-pipeline-steps, not the 'Kubernetes' agent plugin)
Click 'Disable', then restart Jenkins so the plugin is unloaded

Restrict pipeline configuration permissions

Platform: all

Limit who can supply Pipeline scripts. Any user who can create or configure a job, or replay a run with an edited script, can reach the sandbox bypass.

Navigate to Jenkins > Manage Jenkins > Configure Global Security
Configure Matrix-based security or the Role-based Authorization Strategy
Remove Job/Configure, Job/Create and Run/Replay from non-admin users, and review Pipeline jobs whose script is loaded from SCM, since whoever can push to that repository also controls the script

🧯 If You Can't Patch

  • Prefer disabling the plugin: a sandbox bypass executes on the controller, so segmenting agents alone does not contain it
  • Implement strict network segmentation between the Jenkins controller and critical systems
  • Enforce least privilege for Jenkins users and service accounts, and keep on the controller only the credentials its jobs actually need

🔍 How to Verify

Check if Vulnerable:

Check installed plugin version: Jenkins > Manage Jenkins > Manage Plugins > Installed tab, look for 'Kubernetes Pipeline Steps' version

Check Version:

curl -s -u USER:API_TOKEN 'https://jenkins-url/pluginManager/api/json?tree=plugins[shortName,version]' | grep -o '"shortName":"kubernetes-pipeline-steps","version":"[^"]*"'

(The plugin manager API requires Overall/Administer; authenticate with an API token rather than a password. The tree filter keeps only the two fields so the grep pattern matches regardless of the other properties Jenkins emits for each plugin. No output means the plugin is not installed.)

Verify Fix Applied:

Verify that the plugin version is 1.8.2 or higher in the installed plugins list, or that the plugin shows as disabled and Jenkins has been restarted since it was disabled.
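The check above, carried through as a script so it can run against many controllers. This is an added example, not code from the page's vendor advisory or from the plugin project. It assumes the plugin manager API shape shown on this page (a plugins array with shortName, version, enabled and active properties), takes the fixed version 1.8.2 from this page, and embeds a constructed sample response so it runs offline; the URL, user and API token are placeholders supplied on the command line.

```python
"""Check whether a Jenkins controller still runs a vulnerable, enabled
Kubernetes Pipeline Steps Plugin (shortName kubernetes-pipeline-steps)."""
import base64
import json
import sys
import urllib.request

PLUGIN = "kubernetes-pipeline-steps"
FIXED = "1.8.2"  # fixed version as listed on this page; confirm against the vendor advisory


def parse_version(v: str) -> tuple:
    """Turn '1.8.2' or '1.8.2-SNAPSHOT' into a tuple of ints for comparison."""
    core = v.split("-")[0]
    parts = []
    for piece in core.split("."):
        digits = "".join(ch for ch in piece if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def assess(plugins_json: dict, plugin: str = PLUGIN, fixed: str = FIXED) -> dict:
    """Classify the named plugin from /pluginManager/api/json output.

    A plugin that is installed but disabled (and no longer active) is not
    loaded, so its vulnerable code is unreachable; we report it as not vulnerable.
    """
    for entry in plugins_json.get("plugins", []):
        if entry.get("shortName") != plugin:
            continue
        installed = entry.get("version", "0")
        enabled = bool(entry.get("enabled", True)) and bool(entry.get("active", True))
        vulnerable = enabled and parse_version(installed) < parse_version(fixed)
        return {"installed": True, "version": installed,
                "enabled": enabled, "vulnerable": vulnerable}
    return {"installed": False, "version": None, "enabled": False, "vulnerable": False}


def fetch_plugins(base_url: str, user: str, api_token: str) -> dict:
    """Query the plugin manager API (needs Overall/Administer) with an API token."""
    url = (base_url.rstrip("/")
           + "/pluginManager/api/json?tree=plugins[shortName,version,enabled,active]")
    req = urllib.request.Request(url)
    cred = base64.b64encode(f"{user}:{api_token}".encode()).decode()
    req.add_header("Authorization", "Basic " + cred)
    with urllib.request.urlopen(req, timeout=15) as resp:
        return json.load(resp)


# Constructed sample of an API response, so the script runs offline.
SAMPLE = {"plugins": [
    {"shortName": "kubernetes", "version": "1.19.0", "enabled": True, "active": True},
    {"shortName": "kubernetes-pipeline-steps", "version": "1.6", "enabled": True, "active": True},
]}

if __name__ == "__main__":
    # usage: python check.py https://jenkins.example USER API_TOKEN
    if len(sys.argv) == 4:
        data = fetch_plugins(sys.argv[1], sys.argv[2], sys.argv[3])
    else:
        data = SAMPLE
    print(json.dumps(assess(data)))
```

Run without arguments to see the classification of the constructed sample (version 1.6, enabled: vulnerable); with a URL, user and API token it queries a live controller. The separate enabled check matters because the Plugin Manager keeps a disabled plugin in the list at its old version number.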

📡 Detection & Monitoring

Log Indicators:

  • Pipeline definitions changed, or jobs created, by accounts that do not normally do so
  • Script Security rejection messages ('Scripts not permitted to use ...') in the controller log. A successful bypass produces none, so these indicate a script probing the sandbox before or alongside the bypass
  • Unexpected child processes of the Jenkins controller JVM (code from a sandbox bypass runs there, not on an agent)

Network Indicators:

  • Unusual outbound connections from the Jenkins controller or its agents
  • Groovy submitted in job configuration or Replay requests that references Runtime, ProcessBuilder, reflection or class loading

SIEM Query:

source="jenkins.log" AND ("Scripts not permitted to use" OR "RejectedAccessException" OR "kubernetes-pipeline-steps")
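The log indicators above as detection logic run over sample controller log lines. This is an added example, not a detection shipped by Jenkins or by the page's vendor advisory. The 'Scripts not permitted to use ...' prefix is the real Script Security rejection message; the timestamps, logger names and plugin-load line around it are constructed for illustration and their exact format is an assumption about your log layout.

```python
"""Flag Script Security sandbox rejections and plugin events in Jenkins
controller log lines, ranking rejections by how dangerous the denied call is."""
import re
from collections import Counter

# Script Security emits "Scripts not permitted to use <signature>" when a sandboxed
# script calls something outside the whitelist; newer versions append an
# "Administrators can decide ..." sentence, which we strip.
REJECT_RE = re.compile(
    r"Scripts not permitted to use (?P<sig>.+?)(?:\. Administrators.*)?$")

# Signatures that would give code execution or file access on the controller JVM.
DANGEROUS_RE = re.compile(
    r"java\.lang\.(Runtime|ProcessBuilder)|java\.io\.File|java\.nio\.file"
    r"|java\.lang\.reflect|groovy\.lang\.GroovyShell|java\.lang\.Class",
)

PLUGIN_RE = re.compile(r"kubernetes-pipeline-steps")


def scan(lines):
    """Return one finding per matching line."""
    findings = []
    for number, line in enumerate(lines, 1):
        m = REJECT_RE.search(line)
        if m:
            sig = m.group("sig").strip()
            findings.append({
                "line": number,
                "kind": "sandbox_rejection",
                "signature": sig,
                "severity": "high" if DANGEROUS_RE.search(sig) else "low",
            })
        elif PLUGIN_RE.search(line):
            findings.append({"line": number, "kind": "plugin_event",
                             "signature": None, "severity": "info"})
    return findings


def summarize(findings):
    """Count findings by (kind, severity) for a quick triage view."""
    return Counter((f["kind"], f["severity"]) for f in findings)


# Constructed sample log lines (format assumed; only the rejection wording is real).
SAMPLE_LOG = """\
2019-09-26 10:12:01.123+0000 [id=45] INFO hudson.model.Run#execute: job/deploy/7 started
2019-09-26 10:12:03.456+0000 [id=45] WARNING o.j.p.workflow.cps.CpsFlowExecution: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use staticMethod java.lang.Runtime getRuntime. Administrators can decide whether to approve or reject this signature.
2019-09-26 10:12:03.457+0000 [id=45] WARNING o.j.p.workflow.cps.CpsFlowExecution: org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException: Scripts not permitted to use method java.lang.String length
2019-09-26 10:15:00.000+0000 [id=12] INFO hudson.PluginManager: plugin kubernetes-pipeline-steps (1.6) enabled
"""

if __name__ == "__main__":
    results = scan(SAMPLE_LOG.splitlines())
    for f in results:
        print(f)
    print(dict(summarize(results)))
```

A high-severity rejection shows a script reaching for process execution or the filesystem; that is worth correlating with who last edited the job. Remember the limitation stated in the log indicators: a working bypass raises no rejection at all, so an empty result from this scan is not evidence of safety.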
