CVE-2023-50767: 
Java vulnerability analysis and mitigation

CVE-2023-50767 is a security vulnerability in Jenkins Nexus Platform Plugin versions 3.18.0-03 and earlier, discovered and disclosed on December 13, 2023. The vulnerability stems from missing permission checks in methods implementing form validation, affecting the Jenkins automation server environment. This vulnerability specifically impacts the Nexus Platform Plugin, which is a Jenkins integration component (Jenkins Advisory, NVD).

The vulnerability is characterized by missing permission checks in form validation methods, which allows attackers with Overall/Read permission to send HTTP requests to attacker-specified URLs and parse the responses as XML. The severity is rated as MEDIUM with a CVSS v3.1 base score of 5.4 (Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). The vulnerability is classified under CWE-862 (Missing Authorization) (NVD).

The vulnerability allows attackers with Overall/Read permission to send HTTP requests to arbitrary URLs and parse XML responses, potentially leading to information disclosure and unauthorized access to system resources. This could be exploited in conjunction with XML external entity (XXE) attacks for extraction of secrets from the Jenkins controller or server-side request forgery (Jenkins Advisory).

The vulnerability has been fixed in Nexus Platform Plugin version 3.18.1-01. The updated version implements proper permission checks by requiring POST requests and Overall/Administer permission for the affected HTTP endpoints. Additionally, the XML parser is now configured to prevent XML external entity (XXE) attacks. Note that the Nexus Platform Plugin is not currently distributed by the Jenkins Project due to licensing issues, but the fixed version can be downloaded from the Sonatype website (Jenkins Advisory).