Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2024-23897

Опубликовано: 09 янв. 2024
Источник: redhat
CVSS3: 9.8
EPSS Критический

Описание

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

A flaw was found in Jenkins, which uses the args4j library to parse command arguments and options on the Jenkins controller when processing CLI commands. This command parser has a feature that replaces the "@" character followed by a file path in an argument with the file’s contents (expandAtFiles). This feature is enabled by default; Jenkins 2.441 and earlier as well as LTS 2.426.2 and earlier do not disable it.

Меры по смягчению последствий

Disabling access to the CLI is expected to prevent exploitation completely. Doing so is strongly recommended to administrators unable to immediately update to Jenkins 2.442, LTS 2.426.3 or LTS 2.440.1. Applying this workaround does not require a Jenkins restart.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat OpenShift Container Platform 3.11jenkinsOut of support scope
OCP-Tools-4.12-RHEL-8jenkinsFixedRHSA-2024:077812.02.2024
OCP-Tools-4.13-RHEL-8jenkinsFixedRHSA-2024:077612.02.2024
OpenShift Developer Tools and Services for OCP 4.11jenkinsFixedRHSA-2024:077512.02.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Critical
Дефект:
CWE-88
https://bugzilla.redhat.com/show_bug.cgi?id=2260180jenkins: Arbitrary file read vulnerability through the CLI can lead to RCE

EPSS

Процентиль: 100%
0.94466
Критический

9.8 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2024-23897

CVSS3: 9.8
nvd
больше 1 года назад

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

debian логотип

CVE-2024-23897

CVSS3: 9.8
debian
больше 1 года назад

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a ...

github логотип

GHSA-6f9g-cxwr-q5jr

CVSS3: 9.8
github
больше 1 года назад

Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE

fstec логотип

BDU:2024-00750

CVSS3: 8.8
fstec
больше 1 года назад

Уязвимость библиотеки args4j встроенного интерфейса командной строки (CLI) сервера автоматизации Jenkins, позволяющая нарушителю выполнить произвольный код

redos логотип

ROS-20240411-08

CVSS3: 8.8
redos
около 1 года назад

Множественные уязвимости jenkins

EPSS

Процентиль: 100%
0.94466
Критический

9.8 Critical

CVSS3