Multiple vulnerabilities in Jenkins servers could be used for crypto mining

Published: 20/12/2018

Reference:
Advisory #2018-30

Version:
1.0

Affected software:
Jenkins weekly up to and including 2.137 and Jenkins LTS up to and including 2.121.2

Type:
Deserialization

CVE/CVSS:
→ CVE-2018-1999001
→ CVE-2018-1999043

Sources

Risks

CVE-2018-1999001 could allow an attacker to register on a Jenkins server as an administrator. An attacker with that level of access could read sensitive data such as source code or modify software that is built and deployed through Jenkins.

CVE-2018-1999043 could allow an attacker to create temporary user names and use them to log into Jenkins servers for a short period of time.

Cyber criminals have exploited Jenkins servers in the past: earlier this year a group exploited CVE-2017-1000353 to install Monero mining malware on Jenkins servers around the globe.

Recommended Actions

CERT.be recommends that users always keep their systems up to date. Jenkins weekly 2.138 and later and Jenkins LTS 2.121.3 and later are not in the affected ranges listed above.

Updates can be found at: https://jenkins.io/download/
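To decide quickly whether an instance falls inside the affected ranges above, the version string can be checked against the two thresholds the advisory gives. The script below is an added example written for this advisory; it is not CERT.be's or the Jenkins project's code. It assumes the Jenkins versioning convention that LTS releases carry three numeric components (2.121.2) while weekly releases carry two (2.137), and it reads the version from the X-Jenkins response header that Jenkins adds to its HTTP responses; the sample header set at the bottom is constructed for illustration.

```python
"""Check a Jenkins version against the affected ranges of this advisory.

Added example, not CERT.be or Jenkins project code. Thresholds are taken
from the advisory text: weekly up to and including 2.137 and LTS up to and
including 2.121.2 are affected.
"""
import re
from typing import Dict, Optional, Tuple

# Highest affected version of each release line, as stated in the advisory.
AFFECTED_WEEKLY_MAX = (2, 137)
AFFECTED_LTS_MAX = (2, 121, 2)

# Two components (weekly) or three components (LTS); anything else is rejected.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '2.121.2' into (2, 121, 2) so tuples compare numerically."""
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised Jenkins version: {version!r}")
    return tuple(int(p) for p in m.groups() if p is not None)


def is_lts(parsed: Tuple[int, ...]) -> bool:
    # Assumption: LTS versions have three components, weekly releases two.
    return len(parsed) == 3


def is_affected(version: str) -> bool:
    """True if the version lies inside an affected range from the advisory."""
    parsed = parse_version(version)
    if is_lts(parsed):
        return parsed <= AFFECTED_LTS_MAX
    return parsed <= AFFECTED_WEEKLY_MAX


def version_from_headers(headers: Dict[str, str]) -> Optional[str]:
    """Extract the version Jenkins reports in its X-Jenkins response header."""
    for name, value in headers.items():
        if name.lower() == "x-jenkins":
            return value.strip()
    return None


def assess(headers: Dict[str, str]) -> Tuple[Optional[str], Optional[bool]]:
    """Return (version, affected); (None, None) if no X-Jenkins header is present."""
    version = version_from_headers(headers)
    if version is None:
        return None, None
    return version, is_affected(version)


# Constructed sample response headers, not captured from a real server.
SAMPLE_HEADERS = {
    "Server": "Jetty(9.4.z-SNAPSHOT)",
    "X-Jenkins": "2.121.1",
    "X-Jenkins-Session": "0123abcd",
}

if __name__ == "__main__":
    version, affected = assess(SAMPLE_HEADERS)
    print(f"Jenkins {version}: {'AFFECTED' if affected else 'not in affected range'}")
```

Against a live server the same headers can be taken from any HTTP response (for example a HEAD request to the login page); the rest of the logic is unchanged. Versions with suffixes such as release candidates do not match the pattern and raise an error rather than silently passing as unaffected.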