VYPR
High severity · NVD Advisory · Published Jul 26, 2023 · Updated Oct 15, 2024

Missing Authorization in Jenkins plug-in for ServiceNow DevOps

CVE-2023-3442

Description

Missing authorization in Jenkins ServiceNow DevOps Plugin prior to 1.38.1 allows attackers to access sensitive information.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Vulnerability Overview

A missing authorization vulnerability exists in the Jenkins Plugin for ServiceNow DevOps prior to version 1.38.1. The flaw allows unauthorized exposure of sensitive information due to insufficient access controls on certain endpoints [1].

Exploitation

An attacker with network access to a Jenkins server running the vulnerable plugin can exploit this by sending crafted requests to specific plugin endpoints that lacked an authorization check. The commit addressing the issue adds a @POST annotation and a permission check (Jenkins.MANAGE) to the doTestConnection method, indicating that the vulnerability could be triggered via GET requests or without proper authorization [4].

Impact

Successful exploitation could lead to the leakage of credentials or other sensitive data, potentially enabling further attacks on the Jenkins environment or connected ServiceNow instances [1][4].

Mitigation

The vulnerability is fixed in version 1.38.1 of the ServiceNow DevOps Plugin, which should be installed immediately. No changes are required on the ServiceNow platform side [1][2]. Administrators are advised to upgrade as soon as possible.
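As an added example (not part of this advisory, the NVD record, or the plugin project), the following Python script decides whether an installed copy of the plugin falls in the affected range (< 1.38.1) by reading the version Jenkins reports through its plugin manager JSON API. It assumes the plugin's Jenkins shortName is servicenow-devops (the Maven artifactId from the Affected packages table); the API response embedded below is constructed for the example.

```python
import json
import re

# Patched version from the advisory: anything below it is affected.
PATCHED_VERSION = "1.38.1"
# Assumption: the Jenkins plugin shortName equals the Maven artifactId.
PLUGIN_SHORT_NAME = "servicenow-devops"

# Constructed sample of the body returned by Jenkins'
# GET <jenkins>/pluginManager/api/json?depth=1 endpoint (entries are made up).
SAMPLE_PLUGIN_MANAGER_JSON = json.dumps({
    "plugins": [
        {"shortName": "git", "version": "5.2.0", "active": True},
        {"shortName": "servicenow-devops", "version": "1.38", "active": True},
    ]
})


def parse_version(v):
    """Turn '1.38.1', '1.38' or '1.38.1-SNAPSHOT' into a tuple of ints.

    Parsing stops at the first non-numeric qualifier (e.g. SNAPSHOT), so a
    snapshot of 1.38.1 compares like 1.38.1 itself.
    """
    parts = []
    for piece in re.split(r"[.\-]", v.strip()):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    return tuple(parts)


def is_vulnerable(installed, patched=PATCHED_VERSION):
    """True when installed < patched; missing components count as 0 (1.38 == 1.38.0)."""
    a, b = parse_version(installed), parse_version(patched)
    n = max(len(a), len(b))
    a += (0,) * (n - len(a))
    b += (0,) * (n - len(b))
    return a < b


def assess(plugin_manager_json, short_name=PLUGIN_SHORT_NAME):
    """Return (status, version) for the plugin in a plugin-manager API response.

    status is one of 'vulnerable', 'patched', 'inactive' or 'not-installed'.
    A disabled plugin is reported separately: its endpoints are not served,
    but the jar still needs upgrading before it is re-enabled.
    """
    data = json.loads(plugin_manager_json)
    for plugin in data.get("plugins", []):
        if plugin.get("shortName") != short_name:
            continue
        version = plugin.get("version", "")
        if not plugin.get("active", True):
            return ("inactive", version)
        status = "vulnerable" if is_vulnerable(version) else "patched"
        return (status, version)
    return ("not-installed", None)


if __name__ == "__main__":
    status, version = assess(SAMPLE_PLUGIN_MANAGER_JSON)
    print(f"{PLUGIN_SHORT_NAME}: {status} (installed={version}, patched={PATCHED_VERSION})")
```

Against a live controller, fetch the plugin manager JSON with an administrator API token and pass the response body to assess(); the comparison is purely numeric, so a version such as 1.38 is treated as 1.38.0 and correctly flagged as affected.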

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package | Affected versions | Patched versions
io.jenkins.plugins:servicenow-devops (Maven) | < 1.38.1 | 1.38.1


Patches

67192e240997

DEF0417750: [Security Bug] Credential leakage through SSRF | Open source

https://github.com/jenkinsci/servicenow-devops-plugin · Bhavani Velivala (ServiceNow) · Jun 30, 2023 · via ghsa
1 file changed · +2 −2
  • src/main/java/io/jenkins/plugins/config/DevOpsConfiguration.java (+2 −2, modified)
    @@ -238,7 +238,7 @@ public FormValidation doTestConnection(@QueryParameter("instanceUrl") String ins
     		List<DomainRequirement> drl = null;
     		ItemGroup itemGroup = null;
     		Authentication authentication = null;
    -		Jenkins.get().checkPermission(Jenkins.MANAGE);
    +		Jenkins.get().checkPermission(Jenkins.ADMINISTER);
     		if (GenericUtils.isEmpty(instanceUrl))
     			return FormValidation.error("Please provide the url!");
     
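Review bot: raising the check from Jenkins.MANAGE to Jenkins.ADMINISTER is the right call for an endpoint that resolves a stored credential and makes an outbound request on the caller's behalf (the commit title names credential leakage through SSRF), but the hunk leaves no trace of why; a one-line comment above `Jenkins.get().checkPermission(Jenkins.ADMINISTER);` stating that the connection test uses server-side credentials would stop a later refactor from quietly lowering it again. The check also sits after three local declarations; moving it to the first statement of doTestConnection makes the gate visible at a glance and guarantees nothing, including the `GenericUtils.isEmpty(instanceUrl)` branch, runs for an unauthorized caller.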
    @@ -517,4 +517,4 @@ public String getPolicyValidationURL() {
     				? String.format("%s/api/now/table/sn_cdm_policy_validation_result", getTrimmedUrl(getInstanceUrl()))
     				: null;
     	}
    -}
    \ No newline at end of file
    +}
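Review bot: this hunk only adds the missing newline at end of file; it is harmless, but mixing whitespace fixes into a security fix commit makes the backport diff noisier than it needs to be, so keep such changes in a separate commit.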
    
d7d2422b0169

DEF0417750: [Security Bug] Credential leakage through SSRF | Open source

https://github.com/jenkinsci/servicenow-devops-plugin · bhavani.velivala · Jun 27, 2023 · via ghsa
1 file changed · +3 −1
  • src/main/java/io/jenkins/plugins/config/DevOpsConfiguration.java (+3 −1, modified)
    @@ -24,6 +24,7 @@
     import org.kohsuke.accmod.restrictions.NoExternalUse;
     import org.kohsuke.stapler.QueryParameter;
     import org.kohsuke.stapler.StaplerRequest;
    +import org.kohsuke.stapler.verb.POST;
     
     import javax.annotation.Nonnull;
     import javax.servlet.ServletException;
    @@ -229,14 +230,15 @@ public FormValidation doCheckToolId(@QueryParameter("toolId") String snToolId)
     	}
     
     	// Skipping validation for Artifact tool Id as it is an optional parameter.
    +	@POST
     	public FormValidation doTestConnection(@QueryParameter("instanceUrl") String instanceUrl,
     			@QueryParameter("apiVersion") String apiVersion, @QueryParameter("toolId") String toolId,
     			@QueryParameter("credentialsId") String credentialsId) throws IOException, ServletException {
     
     		List<DomainRequirement> drl = null;
     		ItemGroup itemGroup = null;
     		Authentication authentication = null;
    -
    +		Jenkins.get().checkPermission(Jenkins.MANAGE);
     		if (GenericUtils.isEmpty(instanceUrl))
     			return FormValidation.error("Please provide the url!");
     
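Review bot: the `@POST` annotation and `Jenkins.get().checkPermission(Jenkins.MANAGE);` together close the two gaps named in the description (method not restricted, no authorization), but the existing comment `// Skipping validation for Artifact tool Id as it is an optional parameter.` now sits directly above the annotation and reads as if it documents doTestConnection; it belongs to the preceding doCheckToolId and should be moved back or reworded. The permission check is placed after the local declarations rather than as the first statement; the later commit 67192e240997 shown above keeps that position while raising the permission to Jenkins.ADMINISTER, so if the intent is that only administrators may trigger the credential-backed connection test, the stronger check should have landed here rather than in a follow-up.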
    

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
