CVE-2024-23897
Jenkins Command Line Interface (CLI) Path Traversal - [Actively Exploited]
Description
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
INFO
Published Date: Jan. 24, 2024, 6:15 p.m.
Last Modified: Aug. 20, 2024, 1:34 p.m.
Source: [email protected]
Remotely Exploitable: Yes
Impact Score: 5.9
Exploitability Score: 3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314
Public PoC/Exploit Available at Github
CVE-2024-23897 has 82 public PoCs/exploits available on GitHub.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2024-23897.
URL | Resource |
---|---|
http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html | Third Party Advisory, VDB Entry |
http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html | Exploit, Third Party Advisory, VDB Entry |
http://www.openwall.com/lists/oss-security/2024/01/24/6 | Mailing List |
https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 | Vendor Advisory |
https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ | Exploit, Press/Media Coverage |
We scan GitHub repositories to detect new proof-of-concept exploits. The following list is a collection of public exploits and proofs of concept that have been published on GitHub (sorted by the most recently updated).
Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE
Python
CVE-2024-23897 is a critical security vulnerability affecting Jenkins
Python
POC - Jenkins File Read Vulnerability - CVE-2024-23897
cve-2024-23897 2024-23897 jenkins-file-read poc-cve-2024-23897 unauthenticated-read unauthenticated-read-files
Python
This repo contains the codes of the penetration test benchmark for Generative Agents presented in the paper "AutoPenBench: Benchmarking Generative Agents for Penetration Testing". It contains also the instructions to install, develop and test new vulnerable containers to include in the benchmark.
benchmark generative-agents generative-ai penetration-testing
Python Shell Dockerfile C PHP Hack CSS HTML Ruby Groovy
This repository updates latest Bug Bounty writeups every 10 minutes
Go
This is a project that syncs the content of docs-base in Vulnerability-Wiki every day
HTML
CVE-2024-23897 analysis
None
None
None
HTML
Exploit designed to take advantage of a critical vulnerability in Jenkins versions <= 2.441. The vulnerability, CVE-2024-23897, allows arbitrary file reads through the Jenkins CLI, which can lead to exposure of sensitive information or even remote code execution (RCE) under certain circumstances.
Reproduce CVE-2024–23897
None
HTML
CVE-2024-23897 exploit script
Python
None
Python
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that mentions the CVE-2024-23897 vulnerability anywhere in the article.
- TheCyberThrone
The CyberThrone most exploited vulnerabilities review – November 9, 2024
Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the weeks ending Saturday, November 9, 2024. Grafana Labs: The vulnerability tracked as CVE-2024-9264 with a 9.4-severi ...
- TheCyberThrone
The CyberThrone Most Exploited Vulnerabilities Top 10 – October 2024
Welcome to TheCyberThrone most exploited vulnerabilities review. This review is for the month of October 2024. CVE-2024-21762: Fortinet FortiOS: Out-of-bounds Write. CVSS 3.1 score: 9.8, CISA KEV: Y ...
- Cybersecurity News
Security Vulnerabilities Uncovered in Jenkins: Immediate Updates Recommended
The Jenkins project has issued a security advisory, urging users to update their installations immediately due to the discovery of multiple vulnerabilities. These flaws could allow attackers to steal ...
- Cybersecurity News
CVE-2024-43044: Critical Jenkins Vulnerability Exposes Servers to RCE, PoC Exploit Published
A security researcher from Conviso Labs published the technical details and a proof-of-concept (PoC) exploit for a critical CVE-2024-43044 vulnerability in Jenkins. Jenkins is integral to many developme ...
- TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – August, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings. This review is for the month ending August, 2024. Subscribers favorite #1: Velvet Ant AP ...
- Cybersecurity News
CVE-2024-39717: Versa Networks Director GUI Flaw Under Active Attack, CISA Issues Urgent Patching Directive
In a recent cybersecurity alert, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has highlighted the active exploitation of a severe vulnerability identified as CVE-2024-39717. This f ...
- Cybersecurity News
ALBeast Vulnerability Exposes Thousands of AWS Applications to Critical AuthN/AuthZ Bypass
A new configuration-based vulnerability, dubbed ALBeast, has been uncovered by Miggo Research, affecting a staggering number of applications relying on AWS A ...
- Dark Reading
Critical, Actively Exploited Jenkins RCE Bug Suffers Patch Lag
A critical vulnerability in the Jenkins open source automation server is still being actively exploited seven months after its initial disclosure. Jenkins ...
- TheCyberThrone
F5 fixes NGINX and BIG-IP Vulnerabilities
F5 has recently released security advisories addressing vulnerabilities in its products. These vulnerabilities, if exploited, could lead to denial-of-service (DoS) attacks and unauthorized access, dis ...
- TheCyberThrone
CISA adds Jenkins bug CVE-2024-23897 to its KEV Catalog
The U.S. CISA added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. Jenkins has addressed the vulnerability tracked as CVE-2024 ...
- security.nl
US warns of Jenkins vulnerability used in ransomware attacks
The US government's cyber agency warns of a critical path traversal vulnerability in Jenkins that has been used in ransomware attacks. Jenkins is an open source automation ...
- The Hacker News
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, f ...
- BleepingComputer
CISA warns of Jenkins RCE bug exploited in ransomware attacks
CISA has added a critical Jenkins vulnerability that can be exploited to gain remote code execution to its catalog of security bugs, warning that it's actively exploited in attacks. Jenkins is a wide ...
- TheCyberThrone
PoC for IvantiTM vulnerability CVE-2024-7593 released
To limit the exploitability of this vulnerability, Ivanti recommends limiting Admin Access to the Management Interface internal to the network through the private / corporate network. The researchers a ...
- Cybersecurity News
RansomEXX Group Exploits Jenkins Vulnerability (CVE-2024-23897) in Major Indian Banking Attack
On August 1st, India experienced a massive disruption in its banking payment systems due to a ransomware attack on C-Edge Technologies, a service provider for several banks. The Juniper Networks team ...
- Cybersecurity News
CVE-2024-43044: Critical Jenkins Vulnerability Exposes Servers to RCE Attacks
Today, Jenkins, the popular open-source automation server, has issued an urgent advisory detailing two vulnerabilities, one with a critical severity rating. These vulnerabilities, identified as CVE-20 ...
- TheCyberThrone
Apache OFBiz fixes CVE-2024-38856
Apache OFBiz has released an urgent security advisory due to the potential for unauthorized code execution. The vulnerability tracked as CVE-2024-38856 stems into an incorrect authorization handling wi ...
- TheCyberThrone
TheCyberThrone Security Week In Review – August 03, 2024
Welcome to TheCyberThrone cybersecurity week in review will be posted covering the important security happenings. This review is for the week ending Saturday, August 03, 2024. MOVEit fixes High Severit ...
- TheCyberThrone
Apple backports CVE-2024-23296 for older Mac models
Apple has backported a critical zero-day patch to older Mac models running macOS Monterey 12.7.6. The vulnerability, tracked as CVE-2024-23296, was addressed during this year March for newer devices b ...
- TheCyberThrone
Bitdefender patches critical vulnerability -CVE-2024-6980
Bitdefender has released a patch for a critical vulnerability in its GravityZone Update Server. The vulnerability that could potentially allow attackers to perform server-side request forgery attacks ...
- TheCyberThrone
TheCyberThrone CyberSecurity Newsletter Top 5 Articles – July, 2024
Welcome to TheCyberThrone cybersecurity month in review will be posted covering the important security happenings. This review is for the month ending July, 2024. Subscribers favorite #1: RegreSSHion Vul ...
- TheCyberThrone
RansomEXX hits Indian banks exploiting CVE-2024-23897
A ransomware attack has recently compromised India’s banking sector, affecting banks and payment providers. The attack has primarily targeted Brontoo Technology Solutions, a major partner of C-Edge Te ...
- Trend Micro
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897. Jenkins, a popular open-source automation serve ...
The following table lists the changes that have been made to the CVE-2024-23897 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
- Modified Analysis by [email protected]
Aug. 20, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Changed | Reference Type | https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ No Types Assigned | https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ Exploit, Press/Media Coverage |
Removed | CWE | NIST NVD-CWE-noinfo | |
Added | CWE | | NIST CWE-22 |
- CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Aug. 20, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | Vulnerability Name | | Jenkins Command Line Interface (CLI) Path Traversal Vulnerability |
Added | Required Action | | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
Added | Due Date | | 2024-09-09 |
Added | Date Added | | 2024-08-19 |
- CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Aug. 19, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | CWE | | CISA-ADP CWE-27 |
Added | CVSS V3.1 | | CISA-ADP AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
- CVE Modified by [email protected]
May. 14, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | Reference | | Jenkins Project https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/ [No types assigned] |
- Modified Analysis by [email protected]
Mar. 07, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Removed | CVSS V3.1 | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | |
Added | CVSS V3.1 | | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Changed | Reference Type | http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory | http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory, VDB Entry |
Changed | Reference Type | http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory | http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory, VDB Entry |
Changed | Reference Type | http://www.openwall.com/lists/oss-security/2024/01/24/6 No Types Assigned | http://www.openwall.com/lists/oss-security/2024/01/24/6 Mailing List |
Changed | CPE Configuration | OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (including) 2.426.2 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (including) 2.441 | OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (excluding) 2.426.3 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (excluding) 2.442 |
- CVE Modified by [email protected]
Feb. 29, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | Reference | | Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 [No types assigned] |
- Initial Analysis by [email protected]
Jan. 31, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | CVSS V3.1 | | NIST AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Changed | Reference Type | http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html No Types Assigned | http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html Third Party Advisory |
Changed | Reference Type | http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html No Types Assigned | http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html Exploit, Third Party Advisory |
Changed | Reference Type | https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 No Types Assigned | https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 Vendor Advisory |
Added | CWE | | NIST NVD-CWE-noinfo |
Added | CPE Configuration | | OR *cpe:2.3:a:jenkins:jenkins:*:*:*:*:lts:*:*:* versions up to (including) 2.426.2 *cpe:2.3:a:jenkins:jenkins:*:*:*:*:-:*:*:* versions up to (including) 2.441 |
- CVE Modified by [email protected]
Jan. 29, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | Reference | | Jenkins Project http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html [No types assigned] |
Added | Reference | | Jenkins Project http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html [No types assigned] |
- CVE Modified by [email protected]
Jan. 25, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Removed | Reference | Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 | |
- CVE Received by [email protected]
Jan. 24, 2024
Action | Type | Old Value | New Value |
---|---|---|---|
Added | Description | | Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. |
Added | Reference | | Jenkins Project https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314 [No types assigned] |
Added | Reference | | Jenkins Project http://www.openwall.com/lists/oss-security/2024/01/24/6 [No types assigned] |
CWE - Common Weakness Enumeration
While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2024-23897 is associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2024-23897 weaknesses.
Exploit Prediction
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.
96.84 0.00% score
0.99742 percentile