Listen to this Post
How the CVE Works:
CVE-2025-31723 is a CSRF vulnerability in Jenkins Simple Queue Plugin (versions ≤1.4.6). Attackers craft malicious requests to alter the build queue order without user consent. By tricking an authenticated admin into clicking a malicious link, the attacker resets or reorders pending builds, disrupting CI/CD pipelines. The plugin fails to validate CSRF tokens, allowing unauthorized queue modifications.
DailyCVE Form:
Platform: Jenkins
Version: ≤1.4.6
Vulnerability: CSRF
Severity: Medium
Date: 04/17/2025
What Undercode Say:
Exploitation:
- Craft a malicious HTML page with a forged request:
</li> </ol> <form action="http://jenkins-server/queue/rebuild" method="POST"> <input type="hidden" name="job" value="target-build"> </form> <script>document.forms[bash].submit();</script>
2. Use social engineering to lure admins.
Mitigation:
1. Upgrade to Simple Queue Plugin >1.4.6.
- Enable CSRF protection in Jenkins (
Manage Jenkins > Configure Global Security).
3. Add `Strict-Transport-Security` headers.
Detection:
curl -I http://jenkins-server/queue | grep X-Jenkins-CLI-Port
Analytics:
- Attack Vector: Network
- Privilege Required: Low (authenticated user)
- CVSS Score: 6.5 (Medium)
- Exploitability: High (low skill required)
Patch Verification:
java -jar jenkins-cli.jar -s http://jenkins-server/ list-plugins | grep simple-queue
Workaround:
Revoke unnecessary queue-modification permissions via `Role-Based Strategy Plugin`.
Logging:
Monitor `access.log` for suspicious `/queue/rebuild` POST requests.
References:
(End of technical details. No additional commentary.)
Sources:
Reported By: nvd.nist.gov
Extra Source Hub:
UndercodeJoin Our Cyber World:
- Enable CSRF protection in Jenkins (

