CVE-2022-25175 — Jenkins Pipeline: Multibranch Plugin vulnerable to OS Command Injection

Description

Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier uses distinct checkout directories per SCM for the readTrusted step, allowing attackers with Item/Configure permission to invoke arbitrary OS commands on the controller through crafted SCM contents.

How to fix CVE-2022-25175

To remediate CVE-2022-25175, upgrade the affected package to a fixed version below.

—upgrade to 707.v71c3f0a_6ccdb or later

Is CVE-2022-25175 being exploited?

Low — EPSS is 0.4%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

from 0, < 707.v71c3f0a_6ccdb

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH8.8	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References (3)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2022-25175
WEBgithub.com/jenkinsci/workflow-multibranch-plugin/commit/71c3f0a6ccdb2ba43f43686826b0d62160df85e8
WEBwww.jenkins.io/security/advisory/2022-02-15/#SECURITY-2463