APP: Jenkins CI Server Arbitrary Code Execution

This signature detects attempts to exploit a known vulnerability in Jenkins CI Server. Successful exploitation can result in arbitrary code execution.

Extended Description

The Jenkins CLI subsystem in Jenkins before 1.638 and LTS before 1.625.2 allows remote attackers to execute arbitrary code via a crafted serialized Java object, related to a problematic webapps/ROOT/WEB-INF/lib/commons-collections-*.jar file and the "Groovy variant in 'ysoserial'".

Affected Products

Jenkins jenkins

Short Name
APP:MISC:JENKINS-CI-SERVER-CE
Severity
Major
Recommended
True
Recommended Action
Drop
Category
APP
Keywords
Arbitrary CI CVE-2015-8103 Code Execution Jenkins Server bid:77636
Release Date
02/01/2016
Supported Platforms

srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version
3667
Port
TCP/1024-65535
False Positive
Unknown
Vendors
Jenkins
Redhat

CVSS Score
7.5