CVE-2024-23897
Jenkins Command Line Interface (CLI) Path Traversa - [Actively Exploited]
Description
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
INFO
Published Date :
Jan. 24, 2024, 6:15 p.m.
Last Modified :
Aug. 20, 2024, 1:34 p.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
Public PoC/Exploit Available at Github
CVE-2024-23897 has a 74 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-23897.
| URL | Resource |
|---|---|
| http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html | Third Party Advisory VDB Entry |
| http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html | Exploit Third Party Advisory VDB Entry |
| http://www.openwall.com/lists/oss-security/2024/01/24/6 | Mailing List |
| https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 | Vendor Advisory |
| https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ | Exploit Press/Media Coverage |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
CVE-2024-23897 분석
None
None
None
HTML
exploit diseñado para aprovechar una vulnerabilidad crítica en Jenkins versiones <= 2.441. La vulnerabilidad, CVE-2024-23897, permite la lectura arbitraria de archivos a través del CLI de Jenkins, lo que puede llevar a la exposición de información sensible o incluso a la ejecución remota de código (RCE) bajo ciertas circunstancias.
Reproduce CVE-2024–23897
None
HTML
None
Python
红队武器库漏洞利用工具合集整理
HTML
None
Un exploit con el que puedes aprovecharte de la vulnerabilidad (CVE-2024-23897)
Python
Latest CVEs with their Proof of Concept exploits.
Python
Poc para explotar la vulnerabilidad CVE-2024-23897 en versiones 2.441 y anteriores de Jenkins, mediante la cual podremos leer archivos internos del sistema sin estar autenticados
Python
CLI utility to query Shodan's CVE DB
cve-search shodan shodan-client
Go
此项目的POC来源为2024年以来各大威胁情报的高危漏洞复现,POC已通过nuclei或xray武器化,本项目旨在为网络安全爱好者们提供一点参考资料,可供个人研究使用,共勉
Shell Batchfile Python ASP.NET Java Classic ASP PHP
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-23897 vulnerability anywhere in the article.
-
Cybersecurity News
CVE-2024-43044: Critical Jenkins Vulnerability Exposes Servers to RCE, PoC Exploit Published
A security researcher from Conviso Labs published the technical details and a proof-of-concept (PoC) exploit for a critical CVE-2024-43044 vulnerability in Jenkin.Jenkins is integral to many developme ... Read more
-
TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – August, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending August, 2024Subscribers favorite #1Velvet Ant AP ... Read more
-
Cybersecurity News
CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive
In a recent cybersecurity alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the active exploitation of a severe vulnerability identified as CVE-2024-39717. This f ... Read more
-
Cybersecurity News
ALBeast Vulnerability Exposes Thousands of AWS Applications to Critical AuthN/AuthZ Bypass
ALBeast attack demonstration | Image: MiggoA new configuration-based vulnerability, dubbed ALBeast, has been uncovered by Miggo Research, affecting a staggering number of applications relying on AWS A ... Read more
-
Dark Reading
Critical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag
Source: Andrew Darrington via Alamy Stock PhotoA critical vulnerability in the Jenkins open source automation server is still being actively exploited seven months after its initial disclosure.Jenkins ... Read more
-
TheCyberThrone
F5 fixes NGINX and BIG-IP Vulnerabilities
F5 has recently released security advisories addressing vulnerabilities in its products. These vulnerabilities, if exploited, could lead to denial-of-service (DoS) attacks and unauthorized access, dis ... Read more
-
TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog
The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.Jenkins has addressed the vulnerability tracked as CVE-2024 ... Read more
-
security.nl
VS waarschuwt voor Jenkins-lek gebruikt bij ransomware-aanvallen
Het cyberagentschap van de Amerikaanse overheid waarschuwt voor een kritieke path traversal-kwetsbaarheid in Jenkins die bij ransomware-aanvallen is ingezet. Jenkins is een open source automatiserings ... Read more
-
The Hacker News
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
Vulnerability / Ransomware The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, f ... Read more
-
TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog
The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.Jenkins has addressed the vulnerability tracked as CVE-2024 ... Read more
-
BleepingComputer
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. Jenkins is a wide ... Read more
-
TheCyberThrone
PoC for IvantiTM vulnerability CVE-2024-7593 released
To limit the exploitability of this vulnerability, Ivanti recommends limiting Admin Access to the Management Interface internal to the network through the private / corporate network.The researchers a ... Read more
-
Cybersecurity News
RansomEXX Group Exploits Jenkins Vulnerability (CVE-2024-23897) in Major Indian Banking Attack
On August 1st, India experienced a massive disruption in its banking payment systems due to a ransomware attack on C-Edge Technologies, a service provider for several banks. The Juniper Networks team ... Read more
-
Cybersecurity News
CVE-2024-43044: Critical Jenkins Vulnerability Exposes Servers to RCE Attacks
Today, Jenkins, the popular open-source automation server, has issued an urgent advisory detailing two vulnerabilities, one with a critical severity rating. These vulnerabilities, identified as CVE-20 ... Read more
-
TheCyberThrone
Apache OFBiz fixes CVE-2024-38856
Apache OFBiz has released an urgent security advisory due to the potential for unauthorized code execution.The vulnerability tracked as CVE-2024-38856 stems into an incorrect authorization handling wi ... Read more
-
TheCyberThrone
TheCyberThrone Security Week In Review – August 03, 2024
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, August 03, 2024.MOVEit fixes High Severit ... Read more
-
TheCyberThrone
Apple backports CVE-2024-23296 for older Mac models
Apple has backported a critical zero-day patch to older Mac models running macOS Monterey 12.7.6. The vulnerability, tracked as CVE-2024-23296, was addressed during this year March for newer devices b ... Read more
-
TheCyberThrone
Bitdefender patches critical vulnerability -CVE-2024-6980
Bitdefender has released a patch for a critical vulnerability in its GravityZone Update Server. The vulnerability that could potentially allow attackers to perform server-side request forgery attacks ... Read more
-
TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – July, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings . This review is for the month ending July, 2024Subscribers favorite #1RegreSSHion Vul ... Read more
-
TheCyberThrone
RansomEXX hits Indian banks exploiting CVE-2024-23897
A ransomware attack has recently compromised India’s banking sector, affecting banks and payment providers. The attack has primarily targeted Brontoo Technology Solutions, a major partner of C-Edge Te ... Read more
-
Trend Micro
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Exploits & Vulnerabilities Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. Jenkins, a popular open-source automation serve ... Read more
The following table lists the changes that have been made to the
CVE-2024-23897 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
Modified Analysis by [email protected]
Aug. 20, 2024
Action Type Old Value New Value Changed Reference Type https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ No Types Assigned https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ Exploit, Press/Media Coverage Removed CWE NIST NVD-CWE-noinfo Added CWE NIST CWE-22 -
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Aug. 20, 2024
Action Type Old Value New Value Added Vulnerability Name Jenkins Command Line Interface (CLI) Path Traversal Vulnerability Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. Added Due Date 2024-09-09 Added Date Added 2024-08-19 -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Aug. 19, 2024
Action Type Old Value New Value Added CWE CISA-ADP CWE-27 Added CVSS V3.1 CISA-ADP AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H -
CVE Modified by [email protected]
May. 14, 2024
Action Type Old Value New Value Added Reference Jenkins Project https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ [No types assigned] -
Modified Analysis by [email protected]
Mar. 07, 2024
Action Type Old Value New Value Removed CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Changed Reference Type http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory, VDB Entry Changed Reference Type http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory, VDB Entry Changed Reference Type http://www.openwall.com/lists/oss-security/2024/01/24/6 No Types Assigned http://www.openwall.com/lists/oss-security/2024/01/24/6 Mailing List Changed CPE Configuration OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (including) 2.426.2 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (including) 2.441 OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (excluding) 2.426.3 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (excluding) 2.442 -
CVE Modified by [email protected]
Feb. 29, 2024
Action Type Old Value New Value Added Reference Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 [No types assigned] -
Initial Analysis by [email protected]
Jan. 31, 2024
Action Type Old Value New Value Added CVSS V3.1 NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Changed Reference Type http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html No Types Assigned http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory Changed Reference Type http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html No Types Assigned http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory Changed Reference Type https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 No Types Assigned https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 Vendor Advisory Added CWE NIST NVD-CWE-noinfo Added CPE Configuration OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (including) 2.426.2 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (including) 2.441 -
CVE Modified by [email protected]
Jan. 29, 2024
Action Type Old Value New Value Added Reference Jenkins Project http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html [No types assigned] Added Reference Jenkins Project http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html [No types assigned] -
CVE Modified by [email protected]
Jan. 25, 2024
Action Type Old Value New Value Removed Reference Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 -
CVE Received by [email protected]
Jan. 24, 2024
Action Type Old Value New Value Added Description Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. Added Reference Jenkins Project https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 [No types assigned] Added Reference Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 [No types assigned]
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-23897 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-23897
weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
97.03 }} -0.09%
score
0.99790
percentile