CVE-2022-43418
Description
A CSRF vulnerability in Jenkins Katalon Plugin 1.0.33 and earlier allows attackers to exfiltrate stored credentials by tricking a Jenkins user into making a request with attacker-chosen credential IDs.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
Overview
CVE-2022-43418 is a cross-site request forgery (CSRF) vulnerability in the Jenkins Katalon Plugin, versions 1.0.33 and earlier. The plugin fails to require CSRF protection on a form validation endpoint, allowing an attacker to craft a malicious request that, when triggered by an authenticated Jenkins user, connects to an attacker-specified URL using attacker-specified credential IDs [1][3]. This enables the capture of credentials stored in Jenkins.
Exploitation
Prerequisites
Exploitation requires an authenticated Jenkins user who has access to the Katalon Plugin configuration. The attacker must first obtain valid credential IDs through another method, such as a separate vulnerability or information disclosure. The attacker then tricks the user into clicking a crafted link or visiting a malicious page, which triggers the CSRF request. The request uses the provided credential IDs to connect to an attacker-controlled server, effectively exfiltrating the credentials [1][3].
Impact
Successful exploitation leads to the disclosure of Jenkins credentials, including API tokens, passwords, and other secrets stored in the Jenkins credential store. This can compromise not only Jenkins itself but also any external systems integrated with Jenkins that rely on those credentials [1][3].
Mitigation
The vulnerability is fixed in Katalon Plugin version 1.0.34 [2]. Users are strongly advised to upgrade to this version or later. The plugin is available through the Jenkins update center [4]. No workarounds have been documented.
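The defect class the advisory describes (a form-validation endpoint reachable without CSRF protection or a permission check, which then uses a caller-chosen credential ID against a caller-chosen URL) and the standard Jenkins remediation, shown as an added example. This is not the Katalon Plugin's code, and the page carries no fix diff; the class, method and helper names below are hypothetical, and the Jenkins, Stapler and Credentials API calls are assumed from the public plugin-developer APIs.

```java
// Added illustrative example, not the Katalon Plugin's own code.
// A generic Jenkins form-validation endpoint (a "doXxx" method on a
// Descriptor) in the unsafe shape the advisory describes, next to the
// hardened shape Jenkins plugin guidance prescribes.
import hudson.model.Item;
import hudson.security.ACL;
import hudson.util.FormValidation;
import jenkins.model.Jenkins;
import org.kohsuke.stapler.AncestorInPath;
import org.kohsuke.stapler.QueryParameter;
import org.kohsuke.stapler.verb.POST;
import com.cloudbees.plugins.credentials.CredentialsMatchers;
import com.cloudbees.plugins.credentials.CredentialsProvider;
import com.cloudbees.plugins.credentials.common.StandardUsernamePasswordCredentials;
import java.net.URI;
import java.util.Collections;

public class ExampleConnectionValidator {  // hypothetical descriptor fragment

    // UNSAFE (the pattern behind the advisory): reachable by GET, so a
    // cross-site request rides on the victim's session without a CSRF crumb;
    // no permission check, so any authenticated session suffices; the
    // server-side connection then carries the chosen credential to the chosen URL.
    public FormValidation doTestConnectionUnsafe(@QueryParameter String url,
                                                 @QueryParameter String credentialsId) {
        StandardUsernamePasswordCredentials c = lookup(null, credentialsId);
        return probe(url, c);
    }

    // HARDENED: POST-only (Jenkins enforces its CSRF crumb on POST) and a
    // permission check tied to the item being configured.
    @POST
    public FormValidation doTestConnection(@AncestorInPath Item item,
                                           @QueryParameter String url,
                                           @QueryParameter String credentialsId) {
        if (item == null) {
            // Global configuration context: require administrator rights.
            Jenkins.get().checkPermission(Jenkins.ADMINISTER);
        } else {
            // Job context: require the right to configure that job.
            item.checkPermission(Item.CONFIGURE);
        }
        StandardUsernamePasswordCredentials c = lookup(item, credentialsId);
        if (c == null) {
            return FormValidation.error("Credentials not found");
        }
        return probe(url, c);
    }

    // Resolve a credential ID in the scope of the item (null = global scope),
    // so a job-level caller cannot reach credentials outside its scope.
    private static StandardUsernamePasswordCredentials lookup(Item item, String id) {
        return CredentialsMatchers.firstOrNull(
                CredentialsProvider.lookupCredentials(
                        StandardUsernamePasswordCredentials.class, item, ACL.SYSTEM,
                        Collections.emptyList()),
                CredentialsMatchers.withId(id));
    }

    // Hypothetical connectivity probe: refuses to send a stored secret over
    // anything but HTTPS; a real plugin would open the connection after this check.
    private static FormValidation probe(String url, StandardUsernamePasswordCredentials c) {
        if (c == null) {
            return FormValidation.error("Credentials not found");
        }
        URI target;
        try {
            target = new URI(url);
        } catch (Exception e) {
            return FormValidation.error("Invalid URL");
        }
        if (!"https".equalsIgnoreCase(target.getScheme())) {
            return FormValidation.error("Only https:// endpoints are accepted");
        }
        return FormValidation.ok("Would connect to " + target.getHost()
                + " as " + c.getUsername());
    }
}
```

The two guards are independent: `@POST` stops a browser-driven cross-site GET from reaching the method at all, and the permission check limits who may drive the endpoint even with a valid crumb. Omitting either one leaves the credential-exfiltration path the advisory describes.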
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| org.jenkins-ci.plugins:katalonMaven | < 1.0.34 | 1.0.34 |
Affected products
- Range: unspecified
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- github.com/advisories/GHSA-x8j7-vxh9-p67g (GitHub Security Advisory)
- nvd.nist.gov/vuln/detail/CVE-2022-43418 (NVD)
- www.openwall.com/lists/oss-security/2022/10/19/3 (oss-security mailing list)
- www.jenkins.io/security/advisory/2022-10-19/ (Jenkins security advisory)
News mentions
No linked articles in our index yet.