Lucene search
HiveForce LabsHIVEPRO:F3234E3F7B0F3D1658703A7250732733HistoryFeb 01, 2024 - 6:56 a.m.
Critical Remote Code Execution Flaws Uncovered in Jenkins
2024-02-0106:56:33
HiveForce Labs
www.hivepro.com
30
jenkins
remote code execution
vulnerabilities
arbitrary commands
unauthorized access
system files
attack vectors
cve-2024-23897
threat level red
Summary: Multiple vulnerabilities have been discovered in Jenkins and number of associated plugins, allowing attackers unauthorized data access and execute arbitrary commands. The critical vulnerability CVE-2024-23897, allows attackers to read system files and opens number of attack vectors associated with Remote Code Execution. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Related
githubexploit
githubexploit
Exploit for CVE-2024-23897
2024-01-27 12:57:28
Exploit for CVE-2024-23897
2024-02-16 23:21:40
Exploit for CVE-2024-23897
2024-02-21 18:32:45
github
github
Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE
2024-01-24 18:31:02
osv
osv
BIT-jenkins-2024-23897
2024-03-06 10:53:54
CGA-hh8q-gm3c-2w42
2024-06-06 12:26:02
CGA-7599-vh7r-jggh
2024-06-06 12:24:51
cvelist
cvelist
CVE-2024-23897
2024-01-24 17:52:22
zdt
zdt
Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read Exploit
2024-01-29 00:00:00
metasploit
metasploit
Jenkins cli Ampersand Replacement Arbitrary File Read
2024-01-30 22:12:10
cve
cve
CVE-2024-23897
2024-01-24 18:15:09
cgr
cgr
CVE-2024-23897 vulnerabilities
2024-05-19 03:07:16
packetstorm
packetstorm
Jenkins 2.441 Local File Inclusion
2024-04-15 00:00:00
Jenkins 2.441 / LTS 2.426.3 Arbitrary File Read
2024-01-29 00:00:00
redhatcve
redhatcve
CVE-2024-23897
2024-01-25 20:21:50
alpinelinux
alpinelinux
CVE-2024-23897
2024-01-24 18:15:09
veracode
veracode
Arbitrary File Read
2024-01-31 06:55:39
nvd
nvd
CVE-2024-23897
2024-01-24 18:15:09
prion
prion
Design/Logic Flaw
2024-01-24 18:15:00
trendmicroblog
trendmicroblog
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
2024-03-19 00:00:00
wolfi
wolfi
CVE-2024-23897 vulnerabilities
2024-07-26 21:09:29
exploitdb
exploitdb
Jenkins 2.441 - Local File Inclusion
2024-04-15 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up 04/05/2024
2024-04-05 18:59:29
nessus
nessus
FreeBSD : jenkins -- multiple vulnerabilities (8b03d274-56ca-489e-821a-cf32f07643f0)
2024-01-25 00:00:00
Jenkins LTS < 2.426.3 / Jenkins weekly < 2.442 Multiple Vulnerabilities
2024-01-24 00:00:00
RHEL 8 : jenkins and jenkins-2-plugins (RHSA-2024:0776)
2024-04-28 00:00:00
kitploit
kitploit
CVE-2024-23897 - Jenkins <= 2.441 & <= LTS 2.426.2 PoC And Scanner
2024-02-25 11:30:00
freebsd
freebsd
jenkins -- multiple vulnerabilities
2024-01-24 00:00:00
thn
thn
Critical Jenkins Vulnerability Exposes Servers to RCE Attacks - Patch ASAP!
2024-01-25 11:57:00
redhat
redhat
(RHSA-2024:0776) Important: jenkins and jenkins-2-plugins security update
2024-02-12 10:18:15
(RHSA-2024:0775) Important: jenkins and jenkins-2-plugins security update
2024-02-12 10:17:47
(RHSA-2024:0778) Important: Jenkins and Jenkins-2-plugins security update
2024-02-12 10:30:15
redos
redos
ROS-20240411-08
2024-04-11 00:00:00
qualysblog
qualysblog
Oracle Critical Patch Update, July 2024 Security Update Review
2024-07-17 14:34:50
oracle
oracle
Oracle Critical Patch Update Advisory - July 2024
2024-07-16 00:00:00
AI Score
8.2
Confidence
Low
EPSS
0.96
Percentile
99.5%
Related for HIVEPRO:F3234E3F7B0F3D1658703A7250732733