CVE-2023-32992: 
Java vulnerability analysis and mitigation

CVE-2023-32992 is a security vulnerability discovered in Jenkins SAML Single Sign On(SSO) Plugin versions 2.0.2 and earlier. The vulnerability was disclosed on May 16, 2023, and affects the permission checking mechanism in multiple HTTP endpoints of the plugin. This vulnerability is part of a set of security issues found in the SAML SSO Plugin, which impacts Jenkins installations using this authentication method (Jenkins Advisory).

The vulnerability stems from missing permission checks in multiple HTTP endpoints within the plugin. The issue allows attackers with Overall/Read permission to send HTTP requests to attacker-specified URLs and parse the responses as XML, or parse local files on the Jenkins controller as XML. The vulnerability has been assigned a CVSS v3.1 base score of 8.8 (High), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

The vulnerability's impact is severe as it allows attackers to parse XML responses that use external entities for extraction of secrets from the Jenkins controller or perform server-side request forgery (SSRF). Since the plugin does not configure its XML parser to prevent XML external entity (XXE) attacks, attackers can leverage this to access sensitive information or make unauthorized requests (GitHub Lab).

The vulnerability has been fixed in SAML Single Sign On(SSO) Plugin version 2.1.0. The fix implements proper permission checks requiring Overall/Administer permission for the affected HTTP endpoints and requires POST requests. Organizations using affected versions should upgrade to version 2.1.0 or later to mitigate this vulnerability (Jenkins Advisory).