Vulnerability Details CVE-2018-1000865
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 69.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 6.5
References
- https://access.redhat.com/errata/RHBA-2019:0326
- https://access.redhat.com/errata/RHBA-2019:0327
- https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186
- https://access.redhat.com/errata/RHBA-2019:0326
- https://access.redhat.com/errata/RHBA-2019:0327
- https://jenkins.io/security/advisory/2018-10-29/#SECURITY-1186
Products affected by CVE-2018-1000865
-
cpe:2.3:a:jenkins:script_security:1.0
-
cpe:2.3:a:jenkins:script_security:1.1
-
cpe:2.3:a:jenkins:script_security:1.10
-
cpe:2.3:a:jenkins:script_security:1.11
-
cpe:2.3:a:jenkins:script_security:1.12
-
cpe:2.3:a:jenkins:script_security:1.13
-
cpe:2.3:a:jenkins:script_security:1.14
-
cpe:2.3:a:jenkins:script_security:1.15
-
cpe:2.3:a:jenkins:script_security:1.16
-
cpe:2.3:a:jenkins:script_security:1.17
-
cpe:2.3:a:jenkins:script_security:1.18
-
cpe:2.3:a:jenkins:script_security:1.18.1
-
cpe:2.3:a:jenkins:script_security:1.19
-
cpe:2.3:a:jenkins:script_security:1.2
-
cpe:2.3:a:jenkins:script_security:1.20
-
cpe:2.3:a:jenkins:script_security:1.21
-
cpe:2.3:a:jenkins:script_security:1.22
-
cpe:2.3:a:jenkins:script_security:1.23
-
cpe:2.3:a:jenkins:script_security:1.24
-
cpe:2.3:a:jenkins:script_security:1.25
-
cpe:2.3:a:jenkins:script_security:1.26
-
cpe:2.3:a:jenkins:script_security:1.27
-
cpe:2.3:a:jenkins:script_security:1.28
-
cpe:2.3:a:jenkins:script_security:1.29
-
cpe:2.3:a:jenkins:script_security:1.29.1
-
cpe:2.3:a:jenkins:script_security:1.3
-
cpe:2.3:a:jenkins:script_security:1.30
-
cpe:2.3:a:jenkins:script_security:1.31
-
cpe:2.3:a:jenkins:script_security:1.32
-
cpe:2.3:a:jenkins:script_security:1.33
-
cpe:2.3:a:jenkins:script_security:1.34
-
cpe:2.3:a:jenkins:script_security:1.35
-
cpe:2.3:a:jenkins:script_security:1.36
-
cpe:2.3:a:jenkins:script_security:1.37
-
cpe:2.3:a:jenkins:script_security:1.38
-
cpe:2.3:a:jenkins:script_security:1.39
-
cpe:2.3:a:jenkins:script_security:1.4
-
cpe:2.3:a:jenkins:script_security:1.40
-
cpe:2.3:a:jenkins:script_security:1.41
-
cpe:2.3:a:jenkins:script_security:1.42
-
cpe:2.3:a:jenkins:script_security:1.43
-
cpe:2.3:a:jenkins:script_security:1.44
-
cpe:2.3:a:jenkins:script_security:1.44.1
-
cpe:2.3:a:jenkins:script_security:1.45
-
cpe:2.3:a:jenkins:script_security:1.46
-
cpe:2.3:a:jenkins:script_security:1.46.1
-
cpe:2.3:a:jenkins:script_security:1.47
-
cpe:2.3:a:jenkins:script_security:1.5
-
cpe:2.3:a:jenkins:script_security:1.6
-
cpe:2.3:a:jenkins:script_security:1.7
-
cpe:2.3:a:jenkins:script_security:1.8
-
cpe:2.3:a:jenkins:script_security:1.9
-
cpe:2.3:a:redhat:openshift_container_platform:3.11