CVE-2022-34181

9.1 CRITICAL

📋 TL;DR

Jenkins xUnit Plugin 3.0.8 and earlier implements an agent-to-controller message that creates a user-specified directory if it does not exist and then parses the files inside it as test results. Attackers able to control agent processes can use that message to create arbitrary directories on the Jenkins controller or to obtain test results parsed from existing files in an attacker-specified controller directory. Any Jenkins instance running the plugin at 3.0.8 or earlier with untrusted or compromisable agents connected is affected.

💻 Affected Systems

Products:
  • Jenkins xUnit Plugin
Versions: 3.0.8 and earlier
Operating Systems: All platforms running Jenkins
Default Config Vulnerable: ⚠️ Yes
Notes: Requires attacker control over Jenkins agent processes. Jenkins controllers with untrusted or compromised agents are vulnerable.

📦 What is this software?

The xUnit Plugin collects test reports produced by a range of test frameworks (JUnit, NUnit, MSTest, Google Test, CppUnit and others), converts them to the JUnit format Jenkins understands and publishes them as the build's test results. Report files are normally gathered from the build workspace on the agent and sent to the controller for processing.

⚠️ Risk & Real-World Impact

🔴

Worst Case

The affected message creates whatever directory the attacker names, anywhere the Jenkins controller process can write, and then parses the files inside it as test results. An attacker controlling an agent can therefore create arbitrary directories on the controller (including under JENKINS_HOME) and read the contents of existing controller files that the xUnit parsers accept as reports, with the extracted content surfaced as test output the attacker can view.

🟠

Likely Case

Attackers with agent control point the message at a directory of existing files on the controller (archived artifacts, stored reports, other build output) and read whatever the xUnit parsers extract from them, exposing build information or secrets that ended up in test artifacts.

🟢

If Mitigated

Once the plugin is updated to 3.0.9 or later, or while only agents you control are connected, the message cannot be abused from an untrusted position; an attacker who compromises a single agent is then limited to that agent's own environment.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: Not known
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires sending the affected message over an agent's remoting channel to the controller, which means running code as the agent process. Attackers need to compromise an agent host or otherwise obtain control of an agent; no direct access to the controller is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: xUnit Plugin 3.0.9 or later

Vendor Advisory: https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549

Restart Required: Yes

Instructions:

1. Update the Jenkins xUnit Plugin to version 3.0.9 or later via Manage Jenkins > Manage Plugins (Manage Jenkins > Plugins on newer Jenkins releases).
2. Restart Jenkins after the plugin update; an updated plugin is not loaded until the controller restarts.
3. Verify the installed version in Manage Jenkins > Manage Plugins > Installed tab.

🔧 Temporary Workarounds

Restrict Agent Access

Platforms: all

Connect only agents whose hosts you control, and disconnect or remove agents provided by untrusted parties, since any connected agent can send the affected message to the controller.

Disable xUnit Plugin

Platforms: all

Temporarily disable the xUnit Plugin if not required for operations.

Navigate to Manage Jenkins > Manage Plugins > Installed tab, find xUnit Plugin, click Disable

🧯 If You Can't Patch

  • Implement strict agent security controls and only allow trusted agents to connect
  • Network segment Jenkins agents from untrusted networks and monitor agent connections

🔍 How to Verify

Check if Vulnerable:

Check Jenkins Plugin Manager for xUnit Plugin version. If version is 3.0.8 or earlier, system is vulnerable.

Check Version:

Check the Jenkins web interface: Manage Jenkins > Manage Plugins > Installed tab. On the controller filesystem, the version is the Plugin-Version header in JENKINS_HOME/plugins/xunit/META-INF/MANIFEST.MF (the JAR under WEB-INF/lib does not carry the version in its name).

Verify Fix Applied:

Verify xUnit Plugin version is 3.0.9 or later in Manage Jenkins > Manage Plugins > Installed tab.
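To script the version check across many controllers, the following added example (not Jenkins or xUnit Plugin code) reads the Plugin-Version header from the unpacked plugin manifest at JENKINS_HOME/plugins/xunit/META-INF/MANIFEST.MF and compares it with the fixed release. The manifest fragment embedded in it is constructed so the script runs without a Jenkins installation; the path layout is the standard one Jenkins uses after unpacking a .jpi.

```python
"""Check whether the installed Jenkins xUnit Plugin is at or above the fixed
release (3.0.9) for CVE-2022-34181 by reading the plugin manifest.

Added example for this advisory page; not code from Jenkins or the xUnit
Plugin. Assumes the exploded plugin directory
$JENKINS_HOME/plugins/xunit/META-INF/MANIFEST.MF, the layout Jenkins uses
after unpacking a .jpi/.hpi. The sample manifest below is constructed.
"""
import os
import re
import sys

FIXED_VERSION = (3, 0, 9)

# Constructed sample manifest, shaped like the headers Jenkins writes into
# a plugin's META-INF/MANIFEST.MF. It deliberately shows a vulnerable version.
SAMPLE_MANIFEST = """Manifest-Version: 1.0
Short-Name: xunit
Long-Name: xUnit plugin
Plugin-Version: 3.0.8
Jenkins-Version: 2.289.1
"""


def parse_plugin_version(manifest_text):
    """Return the Plugin-Version header value, or None if absent.

    Manifest continuation lines start with a single space; joining them
    first keeps a wrapped header from being truncated.
    """
    joined = re.sub(r"\r?\n ", "", manifest_text)
    for line in joined.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip() == "Plugin-Version":
            return value.strip()
    return None


def version_tuple(version):
    """Turn '3.0.9' or '3.0.9-SNAPSHOT (private-...)' into comparable ints."""
    core = re.match(r"\d+(?:\.\d+)*", version)
    if not core:
        raise ValueError("unrecognised version string: %r" % version)
    parts = [int(p) for p in core.group(0).split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts[:3])


def is_vulnerable(version):
    """True when the installed version is 3.0.8 or earlier."""
    return version_tuple(version) < FIXED_VERSION


def check_manifest_text(manifest_text):
    """Return (version, vulnerable) for the contents of a manifest."""
    version = parse_plugin_version(manifest_text)
    if version is None:
        raise ValueError("no Plugin-Version header found")
    return version, is_vulnerable(version)


def check_jenkins_home(jenkins_home):
    """Read the real manifest; None if the plugin is not unpacked there."""
    path = os.path.join(jenkins_home, "plugins", "xunit", "META-INF", "MANIFEST.MF")
    if not os.path.exists(path):
        return None
    with open(path, encoding="utf-8") as fh:
        return check_manifest_text(fh.read())


if __name__ == "__main__":
    home = sys.argv[1] if len(sys.argv) > 1 else os.environ.get("JENKINS_HOME", "")
    result = check_jenkins_home(home) if home else None
    if result is None:
        print("xunit plugin not found under %r; checking constructed sample" % home)
        result = check_manifest_text(SAMPLE_MANIFEST)
    version, vulnerable = result
    state = "VULNERABLE (CVE-2022-34181)" if vulnerable else "fixed"
    print("xUnit Plugin %s: %s" % (version, state))
```

Run it as `python3 check_xunit.py /var/lib/jenkins` (or with JENKINS_HOME set); the numeric comparison avoids the string-ordering mistake where "3.0.10" sorts before "3.0.9".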

📡 Detection & Monitoring

Log Indicators:

  • Jenkins writes no log entry of its own when this message creates a directory or parses files, so jenkins.log is not a reliable source; enable filesystem auditing on the controller host (for example an auditd rule on mkdir/mkdirat by the Jenkins service account).
  • Directories created by the Jenkins controller process outside JENKINS_HOME, the build workspaces and its temp locations, especially with names that do not correspond to any job or build.
  • Builds whose xUnit step publishes test results the job never produced, or reports whose content looks like arbitrary controller files rather than framework output.

Network Indicators:

  • Agent connections (inbound/JNLP or SSH) from hosts that are not in your inventory of managed agents. The remoting channel itself is opaque, so filesystem paths are not visible on the wire.

SIEM Query:

source="jenkins.log" AND ("xunit" OR "test results") AND ("directory" OR "path") AND ("created" OR "access")

This query only matches if some component writes those strings to jenkins.log, which Jenkins does not do for this code path by default. If the controller's audit records are forwarded to the SIEM, searching them for mkdir events from the Jenkins service account (for example by the audit rule key) is more reliable.
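Because the controller-side signal of this bug is the mkdir itself, the added example below (not Jenkins or xUnit Plugin code) works from audit records rather than jenkins.log. It assumes an auditd rule on the controller host of the form `-a always,exit -F arch=b64 -S mkdir,mkdirat -F uid=jenkins -k jenkins-mkdir`, correlates the SYSCALL, CWD and PATH records of each audit event, and reports directories created outside the roots the controller is expected to write to. The key name, the allowed roots (/var/lib/jenkins and /tmp/jenkins) and the audit lines it processes are all constructed assumptions to adapt to your deployment.

```python
"""Flag directory creations by the Jenkins controller process that land
outside the paths a controller normally writes to.

Added example for this advisory; not from Jenkins or the xUnit Plugin.
Assumes an auditd rule such as
    -a always,exit -F arch=b64 -S mkdir,mkdirat -F uid=jenkins -k jenkins-mkdir
so every mkdir by the jenkins account yields SYSCALL/CWD/PATH records that
share one audit event id. Roots, key and log lines below are constructed.
"""
import posixpath
import re

# Where the controller legitimately creates directories (assumption).
ALLOWED_ROOTS = ("/var/lib/jenkins", "/tmp/jenkins")
AUDIT_KEY = "jenkins-mkdir"

# Constructed audit.log excerpt: a benign mkdir inside JENKINS_HOME, then a
# mkdir of /opt/attacker-chosen, the pattern this vulnerability produces.
SAMPLE_AUDIT_LOG = """\
type=SYSCALL msg=audit(1656000000.101:9001): arch=c000003e syscall=83 success=yes exit=0 a0=7f0 a1=1ed a2=0 a3=0 items=2 ppid=1 pid=2345 auid=4294967295 uid=1000 gid=1000 euid=1000 comm="java" exe="/usr/bin/java" key="jenkins-mkdir"
type=CWD msg=audit(1656000000.101:9001): cwd="/var/lib/jenkins"
type=PATH msg=audit(1656000000.101:9001): item=0 name="/var/lib/jenkins/jobs/app" inode=100 dev=08:01 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT
type=PATH msg=audit(1656000000.101:9001): item=1 name="jobs/app/builds/42" inode=101 dev=08:01 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE
type=SYSCALL msg=audit(1656000000.202:9002): arch=c000003e syscall=83 success=yes exit=0 a0=7f0 a1=1ed a2=0 a3=0 items=2 ppid=1 pid=2345 auid=4294967295 uid=1000 gid=1000 euid=1000 comm="java" exe="/usr/bin/java" key="jenkins-mkdir"
type=CWD msg=audit(1656000000.202:9002): cwd="/var/lib/jenkins"
type=PATH msg=audit(1656000000.202:9002): item=0 name="/opt" inode=200 dev=08:01 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT
type=PATH msg=audit(1656000000.202:9002): item=1 name="/opt/attacker-chosen" inode=201 dev=08:01 mode=040755 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE
"""

RECORD_RE = re.compile(r"^type=(\w+) msg=audit\(([\d.]+):(\d+)\): (.*)$")
FIELD_RE = re.compile(r'(\w+)=("([^"]*)"|\S+)')


def parse_record(line):
    """Split one audit line into (type, event_id, fields) or None.

    Quoted values are unquoted; auditd hex-encodes names with special
    characters (no quotes), and those are left as-is here.
    """
    m = RECORD_RE.match(line.strip())
    if not m:
        return None
    fields = {}
    for key, raw, quoted in FIELD_RE.findall(m.group(4)):
        fields[key] = quoted if raw.startswith('"') else raw
    return m.group(1), m.group(3), fields


def group_events(lines):
    """Group records by audit event id, preserving first-seen order."""
    events = {}
    for line in lines:
        parsed = parse_record(line)
        if parsed:
            rtype, event_id, fields = parsed
            events.setdefault(event_id, []).append((rtype, fields))
    return events


def created_dirs(records):
    """Absolute paths created in one event tagged with AUDIT_KEY."""
    syscall = next((f for t, f in records if t == "SYSCALL"), None)
    if not syscall or syscall.get("key") != AUDIT_KEY or syscall.get("success") != "yes":
        return []
    # Relative PATH names are resolved against the CWD record of the event.
    cwd = next((f["cwd"] for t, f in records if t == "CWD" and "cwd" in f), "/")
    return [posixpath.normpath(posixpath.join(cwd, f["name"]))
            for t, f in records
            if t == "PATH" and f.get("nametype") == "CREATE" and "name" in f]


def outside_allowed(path, roots=ALLOWED_ROOTS):
    """True unless path is one of the roots or lies beneath one."""
    return not any(path == r or path.startswith(r.rstrip("/") + "/") for r in roots)


def find_suspicious_mkdirs(audit_text, roots=ALLOWED_ROOTS):
    """Return [(event_id, pid, exe, path)] for creations outside the roots."""
    hits = []
    for event_id, records in group_events(audit_text.splitlines()).items():
        syscall = next((f for t, f in records if t == "SYSCALL"), {})
        for path in created_dirs(records):
            if outside_allowed(path, roots):
                hits.append((event_id, syscall.get("pid"), syscall.get("exe"), path))
    return hits


if __name__ == "__main__":
    for event_id, pid, exe, path in find_suspicious_mkdirs(SAMPLE_AUDIT_LOG):
        print("event %s: pid %s (%s) created %s outside allowed roots" % (event_id, pid, exe, path))
```

Feed it `/var/log/audit/audit.log` (or the output of `ausearch -k jenkins-mkdir --raw`) to run it against real data; a hit is worth correlating with the xUnit steps of builds that ran on whichever agent was active at that timestamp.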

🔗 References

  • https://www.jenkins.io/security/advisory/2022-06-22/#SECURITY-2549
  • https://nvd.nist.gov/vuln/detail/CVE-2022-34181
