Missing permission checks in Jenkins MATLAB Plugin 2.11.0 and earlier allow attackers to have Jenkins parse an XML file from the Jenkins controller file system.
The MATLAB plugin for Jenkins does not perform required permission checks before processing an XML file specified by a request. An attacker can send a crafted request to the plugin endpoint, specifying the path to any XML file on the Jenkins controller. Jenkins then parses the specified file, which may expose its contents or trigger additional effects resulting from external XML entity (XXE) processing. The vulnerability is classified as CWE-862 — missing authorization check.
An unauthenticated attacker can gain access to sensitive XML files stored on the Jenkins controller server, potentially exposing configuration data, credentials, or other sensitive information. Depending on the content of the processed files, further expansion of the attack scope in the CI/CD environment is possible.
Update Jenkins MATLAB Plugin to a version higher than 2.11.0, which includes the required permission checks. Details of the fix are available in the official Jenkins security bulletin at: https://www.jenkins.io/security/advisory/2023-11-29/#SECURITY-3193
Jenkins MATLAB Plugin in version 2.11.0 and earlier.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HJenkins Matlab
APPJenkins< 2.11.1
Related vulnerabilities
XXE w Jenkins MATLAB Plugin — pełny dostęp bez uwierzytelnienia
A cross-site request forgery (CSRF) vulnerability in Jenkins MATLAB Plugin 2.11.0 and earlier allows attackers...
A cross-site request forgery (CSRF) vulnerability in Jenkins NeuVector Vulnerability Scanner Plugin 1.22 and e...
Jenkins CLI – odczyt dowolnych plików przez path traversal bez uwierzytelnienia
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/...