VYPR
Moderate severity · NVD Advisory · Published Feb 15, 2022 · Updated Aug 3, 2024

CVE-2022-25212

Description

A CSRF vulnerability in Jenkins SWAMP Plugin up to 1.2.6 lets attackers connect to an attacker-specified server using attacker-specified credentials.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

A cross-site request forgery (CSRF) vulnerability exists in the Jenkins SWAMP Plugin in versions 1.2.6 and earlier [1]. The plugin does not validate requests to connect to a SWAMP instance, allowing an attacker to forge requests on behalf of a Jenkins user who has access to the plugin's configuration [1][3].

Exploitation

An attacker can exploit this vulnerability by tricking an authenticated Jenkins user with access to the SWAMP plugin configuration into visiting a malicious web page or clicking a crafted link [1]. The attacker does not need any authentication on the Jenkins instance itself, as the CSRF attack relies on the victim's active session [1][3]. The steps involve crafting a malicious request that includes the attacker-specified server URL and credentials, which the plugin then uses to connect to the attacker-controlled server [1].

Impact

Successful exploitation allows the attacker to make the Jenkins SWAMP plugin connect to an attacker-specified web server using attacker-specified credentials [1][3]. This could lead to disclosure of Jenkins configuration or credentials used by the plugin, as well as enable further attacks on the attacker-controlled server via the Jenkins instance, potentially leaking sensitive information [1][3].

Mitigation

As of the 2022-02-15 security advisory, a fix has been released in SWAMP Plugin version 1.2.7 [1]. Users should update to this version to mitigate the vulnerability. No workarounds are documented in the available references. If updating is not possible, consider disabling the SWAMP plugin or restricting access to the affected Jenkins instance.
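The bug class the advisory describes is a Jenkins form-validation endpoint that acts on any request, including a cross-site GET, with no POST requirement and no permission check; the usual remedy in a Jenkins plugin is to require POST (so the request must carry a valid CSRF crumb) and to check the caller's permission before connecting. The sketch below is added here as an illustration and is not the SWAMP Plugin's own code: the class, method and parameter names and the `connect` helper are assumptions.

```java
// Illustrative sketch (not the SWAMP Plugin's code): a Jenkins form-validation
// endpoint with the CSRF weakness described in the advisory, next to the
// hardened form. Class, method, parameter and helper names are assumptions.
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;

public class SwampConnectionExample {

    // BEFORE: Stapler will dispatch this for any HTTP method, so a page in
    // another origin can make a logged-in user's browser trigger a connection
    // attempt to a host and with credentials chosen by that page.
    public FormValidation doCheckConnectionUnsafe(@QueryParameter String host,
                                                  @QueryParameter String user,
                                                  @QueryParameter String password) {
        return connect(host, user, password);
    }

    // AFTER: @POST makes Stapler reject every method except POST, which means
    // the request must pass Jenkins' crumb (CSRF token) check when crumb
    // protection is enabled; checkPermission limits the endpoint to admins.
    @POST
    public FormValidation doCheckConnectionSafe(@QueryParameter String host,
                                                @QueryParameter String user,
                                                @QueryParameter String password) {
        Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        return connect(host, user, password);
    }

    // Hypothetical connection test. A real plugin would open a session to the
    // configured server here; this sketch only validates the input shape.
    private FormValidation connect(String host, String user, String password) {
        if (host == null || host.trim().isEmpty()) {
            return FormValidation.error("Host is required");
        }
        if (user == null || user.isEmpty()) {
            return FormValidation.error("Username is required");
        }
        return FormValidation.ok("Connection parameters accepted");
    }
}
```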

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: org.continuousassurance.swamp.jenkins:swamp (Maven)
Affected versions: <= 1.2.6
Patched versions: (none listed)

Affected products: 2

Patches: 0 (No patches discovered yet.)

References: 3

News mentions: 1