Skip to main content

Jenkins Gitee Plugin CVE-2026-57291

| EUVDEUVD-2026-38772 MEDIUM
Missing Authorization (CWE-862)
2026-06-24 jenkins GHSA-wjmq-rpqq-w4h9
5.4
CVSS 3.1 · Vendor: jenkins
Share

Severity by source

Vendor (jenkins) PRIMARY
5.4 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
vuln.today AI
5.4 MEDIUM

Network-reachable endpoint requires only Overall/Read authentication (PR:L); SSRF-like probing yields limited confidentiality and integrity impact with no availability consequence.

3.1 AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
4.0 AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Primary rating from Vendor (jenkins).

CVSS VectorVendor: jenkins

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
Analysis Generated
Jun 24, 2026 - 16:23 vuln.today
CVSS changed
Jun 24, 2026 - 16:22 NVD
5.4 (None) 5.4 (MEDIUM)
CVE Published
Jun 24, 2026 - 13:20 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method.

AnalysisAI

Missing permission checks in Jenkins Gitee Plugin 1288.v18b_deb_c9069b_ and earlier allow any authenticated user holding the minimal Overall/Read Jenkins role to trigger outbound connections from the Jenkins controller to an attacker-specified URL using credential IDs sourced through a secondary method. This creates an SSRF-like primitive enabling internal network probing and credential ID validation without administrative access. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain valid Jenkins Overall/Read account
Delivery
Enumerate credential IDs via secondary disclosure method
Exploit
Craft HTTP request to Gitee Plugin connection-test endpoint
Execution
Specify attacker-controlled URL and harvested credential ID
Persist
Jenkins controller issues outbound connection to attacker server
Impact
Infer internal network topology or credential validity from received request

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid Jenkins user account with at least the Overall/Read permission, which is the lowest non-anonymous role in a standard Jenkins deployment and is commonly granted to all authenticated users in shared CI environments. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 5.4 Medium rating and the AV:N/AC:L/PR:L profile are internally consistent: network reachability and low complexity are offset by the PR:L requirement, which limits exploitation to users who already hold valid Jenkins credentials. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a standard Jenkins account (Overall/Read) first obtains a valid credential ID from the Jenkins store through a secondary information-disclosure method. They then send a crafted HTTP request to the Gitee Plugin's connection-test endpoint, specifying an attacker-controlled server as the target URL and supplying the harvested credential ID. …
Remediation The primary fix is to upgrade the Jenkins Gitee Plugin to a version beyond 1288.v18b_deb_c9069b_ that incorporates the corrected permission checks, as described in the Jenkins security advisory at https://www.jenkins.io/security/advisory/2026-06-24/#SECURITY-3762%20(1). … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-57291 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy