Jenkins | ²å¼þ¶à¸öÇå¾²Îó²îͨ¸æ

Ðû²¼Ê±¼ä 2020-05-08

0x00 Îó²î¸ÅÊö



²úÆ·

CVE ID

Àà ÐÍ

Îó²îÆ·¼¶

Ô¶³ÌʹÓÃ

Ó°Ïì¹æÄ£

Jenkins²å¼þ

CVE-2020-2181

IPC

ÖÐΣ

ÊÇ

Amazon EC2 Plugin <= 1.50.1

Copy Artifact Plugin <= 1.43.1

Credentials Binding Plugin <= 1.22

CVS Plugin <= 2.15

SCM Filter Jervis Plugin <= 0.2.1

CVE-2020-2182

IPC

ÖÐΣ

ÊÇ

CVE-2020-2183

IA

ÖÐΣ

ÊÇ

CVE-2020-2184

CSRF

ÖÐΣ

ÊÇ

CVE-2020-2185

IVE

µÍΣ

ÊÇ

CVE-2020-2186

CSRF

ÖÐΣ

ÊÇ

CVE-2020-2187

IVE

¸ßΣ

ÊÇ

CVE-2020-2188

IA

µÍΣ

ÊÇ

CVE-2020-2189

RCE

ÖÐΣ

ÊÇ


0x01 Îó²îÏêÇé


ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø



CloudBees Jenkins£¨Hudson Labs£©ÊÇÃÀ¹úCloudBees¹«Ë¾µÄÒ»Ì×»ùÓÚJava¿ª·¢µÄÒ»Á¬¼¯³É¹¤¾ß¡£¡£¸Ã²úÆ·Ö÷ÒªÓÃÓÚ¼à¿ØÒ»Á¬µÄÈí¼þ°æ±¾Ðû²¼/²âÊÔÏîÄ¿ºÍһЩ׼ʱִÐеÄʹÃü¡£¡£

2020Äê5ÔÂ6ÈÕ£¬£¬ £¬Jenkins¹Ù·½Ðû²¼Ç徲ͨ¸æÐÞ¸´²å¼þÖеÄ9¸öÎó²î£¬£¬ £¬ÆäÖÐÓÐ5¸ö²å¼þÊܵ½Ó°Ïì¡£¡£ÏêϸÄÚÈÝÈçÏ£º

Credentials Binding ²å¼þ±£´æÁ½¸öƾ֤й¶Îó²î£¨CVE-2020-2181¡¢CVE-2020-2182£©£¬£¬ £¬¹¥»÷Õß¿ÉʹÓøÃÎó²î»ñÈ¡Ãô¸ÐÐÅÏ¢¡£¡£

Copy Artifact ²å¼þ±£´æȨÏÞУÑé²»µ±Îó²î£¨CVE-2020-2183£©£¬£¬ £¬¸ÃÎó²îÔ´ÓÚÍøÂçϵͳ»ò²úÆ·ÖÐȱÉÙÉí·ÝÑéÖ¤²½·¥»òÉí·ÝÑé֤ǿ¶Èȱ·¦¡£¡£

CVS ²å¼þ±£´æ¿çÕ¾ÇëÇóαÔìÎó²î£¨CVE-2020-2184£©£¬£¬ £¬¸ÃÎó²îÔ´ÓÚWEBÓ¦ÓÃδ³ä·ÖÑéÖ¤ÇëÇóÊÇ·ñÀ´×Ô¿ÉÐÅÓû§¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îͨ¹ýÊÜÓ°Ïì¿Í»§¶ËÏòЧÀÍÆ÷·¢ËÍ·ÇÔ¤ÆÚµÄÇëÇ󡣡£

Amazon EC2 ²å¼þ±£´æ4 ¸öÎó²î£¨CVE-2020-2185¡¢CVE-2020-2186¡¢CVE-2020-2187¡¢CVE-2020-2188£©¡£¡£CVE-2020-2185Ô´ÓÚȱ·¦¶ÔSSHÖ÷ÉñÃØÔ¿µÄÑéÖ¤¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îʵÑéÖÐÐÄÈ˹¥»÷¡£¡£CVE-2020-2186Ô´ÓÚWEBÓ¦ÓÃδ³ä·ÖÑéÖ¤ÇëÇóÊÇ·ñÀ´×Ô¿ÉÐÅÓû§¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îͨ¹ýÊÜÓ°Ïì¿Í»§¶ËÏòЧÀÍÆ÷·¢ËÍ·ÇÔ¤ÆÚµÄÇëÇ󡣡£CVE-2020-2187Ô´ÓÚ³ÌÐòûÓÐÑéÖ¤SSL/TLSÖ¤ÊéºÍÖ÷»úÃû¡£¡£¹¥»÷Õß¿ÉʹÓøÃÎó²îʵÑéÖÐÐÄÈ˹¥»÷¡£¡£CVE-2020-2188Ô´ÓÚÍøÂçϵͳ»ò²úÆ·ÖÐȱÉÙÉí·ÝÑéÖ¤²½·¥»òÉí·ÝÑé֤ǿ¶Èȱ·¦¡£¡£

SCM Filter Jervis²å¼þ±£´æÔ¶³Ì´úÂëÖ´ÐÐÎó²î£¨CVE-2020-2189£©£¬£¬ £¬¸ÃÎó²îÔ´ÓÚSCM Filter Jervis²å¼þĬÈϲ»ÉèÖÃYAMLÆÊÎöÆ÷£¬£¬ £¬µ¼ÖÂÓû§¿ÉÒÔʹÓùýÂËÆ÷ÉèÖÃÏîÄ¿£¬£¬ £¬Ò²¿ÉÒÔ²Ù×÷SCMÒÑ´æ´¢ÉèÖùýµÄÏîÄ¿ÄÚÈÝ¡£¡£


0x02 Îó²î¼ì²â


½¨ÒéÏà¹ØÓû§¾¡¿ìÉó²éÄ¿½ñʹÓõIJå¼þ°æ±¾£¬£¬ £¬È·ÈÏÊÇ·ñÔÚÊÜÓ°Ïì¹æÄ£ÄÚ£¬£¬ £¬²¢ÊµÊ±Éý¼¶ÖÁÇå¾²°æ±¾¾ÙÐзÀ»¤£¬£¬ £¬²Ù×÷°ì·¨ÈçÏ£º

µã»÷¡°Manage Jenkins¡±½øÈëÖÎÀíÄ£¿£¿£¿£¿£¿£¿é£¬£¬ £¬Ñ¡Ôñ¡°Manage Plugins¡±ÖÎÀí²å¼þ¡£¡£


ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø



µã»÷¡°installed¡±¼´¿É¶ÔÄ¿½ñÒÑ×°ÖõIJå¼þ°æ±¾¾ÙÐÐÉó²é¡£¡£


ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø



0x03 ´¦Öóͷ£½¨Òé


ÏÖÔÚJenkins¹Ù·½ÒѾ­Õë¶Ô´Ë´ÎÎó²îÐû²¼ÁËеIJå¼þ°æ±¾£¬£¬ £¬ÇëÏà¹ØÓû§¾¡¿ìÉý¼¶ÊÜÓ°ÏìµÄ²å¼þÖÁÇå¾²°æ±¾£¬£¬ £¬²Ù×÷°ì·¨ÈçÏ£º

ÔÚ²å¼þÖÎÀí½çÃæÑ¡ÔñÐèÒªÉý¼¶µÄ²å¼þ£¬£¬ £¬µã»÷¡°Download now and install after restart¡±¾ÙÐиüвÙ×÷¡£¡£


ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø



0x04 Ïà¹ØÐÂÎÅ


https://www.openwall.com/lists/oss-security/2020/05/06/3


0x05 ²Î¿¼Á´½Ó


https://www.jenkins.io/security/advisory/2020-05-06/


0x06 ʱ¼äÏß


2020-05-06  Jenkins¹Ù·½Ðû²¼Í¨¸æ

2020-05-08 VSRCÐû²¼Îó²îͨ¸æ




ÈËÉú¾ÍÊDz©-×ðÁú¿­Ê±Öйú¹ÙÍø