VYPR
Moderate severity · NVD Advisory · Published Nov 15, 2022 · Updated Apr 30, 2025

CVE-2022-45394

Description

Jenkins Delete log Plugin 1.0 and earlier lacks a permission check, allowing attackers with Item/Read permission to delete build logs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability Description

The Jenkins Delete log Plugin, in versions 1.0 and earlier, contains a missing permission check vulnerability [1]. This flaw allows an attacker who already has the Item/Read permission to delete build logs without requiring any additional authorization [2]. The plugin does not verify that the user holds the permissions needed to perform deletion operations, so the expected access control is bypassed.

Exploitation Scenario

To exploit this vulnerability, an attacker only needs to have Item/Read permission on a Jenkins job [1][3]. This permission level is typically granted to users for viewing job configurations and logs. The attacker can then use the Delete log Plugin's functionality to delete build logs, even though they should not have that privilege [2]. The attack can be performed over the network without any special position beyond being an authenticated Jenkins user with minimal permissions.

Impact

The impact of successful exploitation is the unauthorized deletion of build logs [1][3]. This can lead to loss of historical build data, potentially covering up evidence of malicious activity or causing operational disruption. Since deletion is irreversible (depending on backup policies), the integrity and availability of build history are compromised. The vulnerability does not allow code execution or privilege escalation beyond the already assigned permissions.

Mitigation

As of the Jenkins Security Advisory 2022-11-15, the Delete log Plugin is listed among unresolved security issues; no patched version has been released [2]. Users are advised to review their plugin usage and consider removing or disabling the plugin if not essential. There is no known workaround provided by the vendor. Administrators should monitor for updates from the plugin maintainer [4].
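One way to carry out the plugin review suggested above, as an added example that is not part of the advisory or the plugin's code: it scans a Jenkins plugins directory for installed copies of the plugin and reports their version and whether they are disabled. It assumes the manifest Short-Name equals the Maven artifactId `delete-log-plugin`; `make_sample` and the archives it writes are constructed for the demo.

```python
import re
import tempfile
import zipfile
from pathlib import Path

PLUGIN_ID = "delete-log-plugin"  # artifactId from the page; assumed to equal the manifest Short-Name
LAST_AFFECTED = (1,)             # "<= 1.0" from the affected-packages table, trailing zero dropped

def manifest_attrs(archive):
    """Main-section attributes of META-INF/MANIFEST.MF in a .jpi/.hpi archive."""
    with zipfile.ZipFile(archive) as zf:
        text = zf.read("META-INF/MANIFEST.MF").decode("utf-8", "replace")
    # Unfold continuation lines, then keep only the main section (up to the first blank line).
    main = re.split(r"\r?\n\r?\n", re.sub(r"\r?\n ", "", text))[0]
    pairs = (line.partition(": ") for line in main.splitlines())
    return {k: v.strip() for k, sep, v in pairs if sep}

def version_tuple(version):
    """Leading numeric part, trailing zeros dropped: '1.0' -> (1,); no digits -> ()."""
    m = re.match(r"\d+(?:\.\d+)*", version)
    parts = [int(p) for p in m.group().split(".")] if m else []
    while parts and parts[-1] == 0:
        parts.pop()
    return tuple(parts)

def audit(plugins_dir):
    """Return one finding per installed copy of the plugin under plugins_dir."""
    findings = []
    for archive in sorted(Path(plugins_dir).glob("*.[jh]pi")):
        try:
            attrs = manifest_attrs(archive)
        except (zipfile.BadZipFile, KeyError):
            continue  # not a readable plugin archive
        if attrs.get("Short-Name") == PLUGIN_ID:
            version = attrs.get("Plugin-Version", "")  # unknown version is reported as affected
            findings.append({"file": archive.name, "version": version,
                             "affected": version_tuple(version) <= LAST_AFFECTED,
                             "disabled": archive.with_name(archive.name + ".disabled").exists()})
    return findings

def make_sample(plugins_dir, name, short_name, version):
    """Write a constructed plugin archive (manifest only) for the demo."""
    manifest = f"Manifest-Version: 1.0\nShort-Name: {short_name}\nPlugin-Version: {version}\n"
    with zipfile.ZipFile(Path(plugins_dir) / name, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", manifest)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:  # constructed sample, not a real JENKINS_HOME
        make_sample(d, "delete-log-plugin.jpi", PLUGIN_ID, "1.0")
        make_sample(d, "git.jpi", "git", "5.0.0")
        print(audit(d))
```

On a real controller, pass the plugins directory under JENKINS_HOME to `audit`; a finding with `affected` true and `disabled` false is an installed, active copy.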

AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
|---|---|---|
| org.jenkins-ci.plugins:delete-log-plugin (Maven) | <= 1.0 | |

Patches

No patches discovered yet.
