CVE-2022-25200

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in Jenkins Checkmarx Plugin allows attackers to trick authenticated users into connecting to malicious servers using stolen credential IDs, potentially exposing sensitive Jenkins credentials. It affects Jenkins installations using Checkmarx Plugin version 2022.1.2 or earlier. Attackers need to obtain credential IDs through other means first.

💻 Affected Systems

Products:
  • Jenkins Checkmarx Plugin
Versions: 2022.1.2 and earlier
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Jenkins with Checkmarx Plugin installed and configured with credentials.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers capture all Jenkins credentials, gaining full administrative access to Jenkins and potentially compromising connected systems.

🟠 Likely Case

Attackers capture specific credentials used by the Checkmarx plugin, potentially accessing source code repositories or build systems.

🟢 If Mitigated

With proper CSRF protections and credential management, impact is limited to failed connection attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires the attacker to obtain credential IDs through other means first, then craft a CSRF attack.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2022.1.3 or later

Vendor Advisory: https://www.jenkins.io/security/advisory/2022-02-15/#SECURITY-1017

Restart Required: Yes

Instructions:

1. Update Jenkins Checkmarx Plugin to version 2022.1.3 or later via the Jenkins Plugin Manager.
2. Restart the Jenkins service.
3. Verify the plugin version in the Jenkins interface.

🔧 Temporary Workarounds

Disable Checkmarx Plugin (Platform: all)

Temporarily disable the vulnerable plugin until patching is possible:

java -jar jenkins-cli.jar -s http://jenkins-server:8080/ disable-plugin checkmarx

Enable CSRF Protection (Platform: all)

Ensure Jenkins CSRF protection is enabled globally.

🧯 If You Can't Patch

  • Restrict network access to Jenkins instance
  • Implement strict credential rotation and monitoring

🔍 How to Verify

Check if Vulnerable:

Check the Jenkins plugin manager for the Checkmarx Plugin version. If it is 2022.1.2 or earlier, the system is vulnerable.

Check Version:

curl -s http://jenkins-server:8080/pluginManager/api/json?depth=1 | grep -o '"checkmarx[^}]*' | grep -o '"version":"[^"]*'
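The grep pipeline above breaks if the field order in the JSON changes. As an added example (not part of this advisory or of the Jenkins project), the following script parses the same /pluginManager/api/json?depth=1 response properly, compares the installed version numerically against the fixed release 2022.1.3, and also reports when the plugin is present but disabled (the workaround from the previous section). It assumes the plugin's shortName is "checkmarx", as the disable-plugin command above uses; the embedded response is a constructed sample.

```python
"""Check whether the installed Jenkins Checkmarx Plugin is older than the
fixed release (2022.1.3) by parsing a pluginManager JSON API response."""
import json
import re

FIXED_VERSION = "2022.1.3"        # first release with the fix, per the advisory
PLUGIN_SHORT_NAME = "checkmarx"   # assumed shortName of the plugin

# Constructed sample of what /pluginManager/api/json?depth=1 returns;
# only the fields this script reads are included.
SAMPLE_RESPONSE = json.dumps({
    "plugins": [
        {"shortName": "git", "longName": "Git plugin", "version": "4.10.3", "enabled": True},
        {"shortName": "checkmarx", "longName": "Checkmarx Plugin",
         "version": "2022.1.2", "enabled": True},
    ]
})


def version_key(version):
    """Turn '2022.1.2' (or '2022.1.3-SNAPSHOT') into a tuple of the leading
    integer components so versions compare numerically, not as strings;
    any non-numeric qualifier ends the tuple."""
    parts = []
    for piece in re.split(r"[.\-]", version):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)


def assess(plugins_json):
    """Return (status, version) where status is 'vulnerable', 'fixed',
    'disabled' or 'not-installed'. An empty/unparseable version sorts
    below every real version and is therefore reported as vulnerable."""
    for plugin in json.loads(plugins_json).get("plugins", []):
        if plugin.get("shortName") != PLUGIN_SHORT_NAME:
            continue
        version = plugin.get("version", "")
        if not plugin.get("enabled", True):
            return "disabled", version      # workaround applied, still patch
        if version_key(version) < version_key(FIXED_VERSION):
            return "vulnerable", version
        return "fixed", version
    return "not-installed", None


if __name__ == "__main__":
    print(assess(SAMPLE_RESPONSE))   # ('vulnerable', '2022.1.2')
```

Feed it the live response from the curl command above (add `-u user:api-token` to curl when anonymous read access is disabled) by passing the downloaded text to assess().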

Verify Fix Applied:

Verify Checkmarx Plugin version is 2022.1.3 or later in Jenkins plugin manager.

📡 Detection & Monitoring

Log Indicators:

  • Unexpected Checkmarx server connection attempts
  • Failed authentication attempts from unusual IPs

Network Indicators:

  • Outbound connections from Jenkins to unknown servers on Checkmarx plugin ports

SIEM Query:

source="jenkins.log" AND "Checkmarx" AND ("connection failed" OR "authentication error")

🔗 References
