<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=1354242&amp;fmt=gif">

Jenkins Vulnerability Alert | January 2024

Jenkins Vulnerability Overview

 

Update August 21, 2024:

CVE-2024-23897 is actively being exploited by malicious threat actors and was recently added to the Cybersecurity and Infrastructure Security Agency (CISA) Known Exploited Vulnerability list. CVE-2024-23897 could allow an unauthenticated attacker to gain limited read access to certain files, which can lead to code execution. This could lead to serious incidents such as data theft or ransomware. If your organization has not already, we recommend taking mitigating action immediately.

Background Information

On January 24th, 2024 Jenkins released an advisory detailing a serious security flaw (CVE-2024-0204) in their open-source automation server. Jenkins is a tool often used by organizations for software development and collaboration. The vulnerability allows a remote attacker to read files or execute arbitrary code. Corvus has observed similar vulnerabilities lead to exploitation in the past. Security patches have been released and should be applied as soon as possible.

Impact of the Vulnerability

The vulnerability affects Jenkins instances running the following versions:

  • Jenkins 2.441 and earlier
  • Jenkins LTS 2.426.2 and earlier

Attackers can read files and execute arbitrary code or commands against unpatched devices, gaining a foothold into the network. From there the attacker would be able to conduct further exploitation and potentially move around the network. Impacted organizations should apply a security patch immediately.

Next Steps for Jenkins Customers:

  1. Download and install the latest version of the affected products:
    1. Jenkins should be updated to Jenkins 2.442
    2. Jenkins LTS should be updated to version 2.426.3
  2. If you aren’t able to patch, the Jenkins team has provided the following mitigation option:
    1. Disable access to the CLI (see here for documentation on this workaround).

Recent Articles

Five Emerging Cyber Claims Trends for 2025


Cyber risks will grow more complex in 2025. Using 2024 claims data, we’ve identified key trends to watch in the evolving threat landscape.

Cleo File Transfer Alert | December 2024


Cleo customers could be at risk due to a critical security flaw. Here's what you need to know.

November 2024: A Record-Breaking Month for Ransomware Attacks


In November 2024, ransomware activity reached an all-time high, with 632 reported victims listed to leak sites. Learn more in this ransomware update.