CVE-2021-21664 — Incorrect permission check in XebiaLabs XL Deploy Plugin allows capturing creden

Description

An incorrect permission check in Jenkins XebiaLabs XL Deploy Plugin 10.0.1 and earlier allows attackers with Generic Create permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in Jenkins. The permission check was partially fixed in XebiaLabs XL Deploy Plugin 7.5.9: A permission check was added, but for the wrong permission, still allowing some non-admin users to access the form validation method.

How to fix CVE-2021-21664

To remediate CVE-2021-21664, upgrade the affected package to a fixed version below.

—upgrade to 10.0.2 or later

Is CVE-2021-21664 being exploited?

Low — EPSS is 0.0%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 10.0.2

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References (5)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2021-21664
PATCHgithub.com/jenkinsci/xldeploy-plugin
WEBgithub.com/jenkinsci/xldeploy-plugin/commit/79ae204d2ee6cd94badf4c24a150cee13a3bde44
WEBwww.jenkins.io/security/advisory/2021-06-10/#SECURITY-1982