VYPR
Moderate severity · NVD Advisory · Published Mar 15, 2022 · Updated Aug 3, 2024

CVE-2022-27208

Description

Users with Credentials/Create permission can read arbitrary files on the Jenkins controller via the Kubernetes Continuous Deploy Plugin.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability

The Jenkins Kubernetes Continuous Deploy Plugin (kubernetes-cd) version 2.3.1 and earlier allows users who have the Credentials/Create permission to read arbitrary files on the Jenkins controller. This is due to insufficient permission checks or missing path validation in the plugin's functionality. [1]

Exploitation

An attacker with the Credentials/Create permission can exploit this vulnerability by interacting with the plugin's feature that handles credentials or deployment configurations, triggering a read of arbitrary files on the controller filesystem. No other privileges or user interaction are required beyond the granted permission. [1]

Impact

Successful exploitation allows the attacker to read any file accessible to the Jenkins controller process. This can expose sensitive information such as credentials, configuration files, and secrets, potentially leading to further compromise of the Jenkins environment. [1]

Mitigation

As of the advisory date (2022-03-15), no fix has been released for the Kubernetes Continuous Deploy Plugin. It is listed as an unresolved security issue. [2] Until a patched version is available, users should restrict the Credentials/Create permission to only trusted users or consider disabling the plugin if not essential. [1]
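An audit for the two mitigation steps above, written for this page as an added example (not code from the advisory or from the plugin's maintainers). It is meant for an administrator to run in the Jenkins Script Console and assumes Jenkins 2.266 or later, where `impersonate2()`, `hasPermission2()` and `Jenkins.ANONYMOUS2` are available.

```groovy
import com.cloudbees.plugins.credentials.CredentialsProvider
import hudson.model.User
import hudson.util.VersionNumber
import jenkins.model.Jenkins

// Plugin id and last affected version as stated in the advisory text.
def pluginId = 'kubernetes-cd'
def lastAffected = new VersionNumber('2.3.1')

def jenkins = Jenkins.get()
def plugin = jenkins.getPluginManager().getPlugin(pluginId)
if (plugin == null) {
    println "${pluginId}: not installed"
    return
}

def affected = plugin.getVersionNumber().compareTo(lastAffected) <= 0
println "${pluginId} ${plugin.getVersion()} active=${plugin.isActive()} affected=${affected}"
if (!affected || !plugin.isActive()) {
    return
}

// Limitation: this checks the root ACL only. Authorization strategies that
// grant Credentials/Create per folder need the same check on each folder's ACL.
def acl = jenkins.getACL()
if (acl.hasPermission2(Jenkins.ANONYMOUS2, CredentialsProvider.CREATE)) {
    println 'WARNING: anonymous users hold Credentials/Create'
}

def holders = []
def unresolved = []
// User.getAll() returns only users Jenkins already has a record for.
User.getAll().each { user ->
    try {
        if (acl.hasPermission2(user.impersonate2(), CredentialsProvider.CREATE)) {
            holders << user.getId()
        }
    } catch (Exception e) {
        // The security realm could not load this user (for example, deleted upstream).
        unresolved << user.getId()
    }
}

println "Credentials/Create holders (${holders.size()}): ${holders.sort().join(', ')}"
println "Could not resolve (${unresolved.size()}): ${unresolved.sort().join(', ')}"
```

Every account in the holders list can reach the file read described above while the plugin stays active, so the list is the set to review against "trusted users".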

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
org.jenkins-ci.plugins:kubernetes-cd (Maven) | <= 2.3.1 | (none)

Affected products

2

Patches

0

No patches discovered yet.

References

4
