logo
Vulnerability feed
CONTRIBUTE

Vulnerability

warn

CVE-2024-23897

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-23897

Description:
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
Last updated date:
08/20/2024

Reports

alt

ACTIVELY EXPLOITED

Type:
exploitation
Confidence:
HIGH
Date of publishing:
03/19/2024
Reference url to background

https://www.trendmicro.com/it_it/research/24/c/cve-2024-23897.html

Type:
exploitation
Confidence:
HIGH
Date of publishing:
08/19/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/23/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/26/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/26/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/26/2024
Reference url to background

https://github.com/xaitax/CVE-2024-23897

Type:
exploit
Confidence:
HIGH
Date of publishing:
01/27/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/27/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/27/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/27/2024
Reference url to background

https://github.com/wjlin0/CVE-2024-23897

Type:
exploit
Confidence:
HIGH
Date of publishing:
01/28/2024
Reference url to background

https://github.com/Vozec/CVE-2024-23897

Type:
exploit
Confidence:
HIGH
Date of publishing:
01/29/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
01/31/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/04/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/07/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
02/16/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
05/08/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
05/08/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
05/16/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
08/20/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
09/30/2024
Vulnerability FeedContributorsAboutBlog

@inTheWild

©2024

Privacy Policy