Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)
March 26, 2024, 6:10 p.m. | FortiGuard Labs | FortiGuard Center - Threat Signal Report | fortiguard.fortinet.com
Cyber threat actors are actively targeting Jenkins, a Java-based open-source automation server widely used by application developers. The critical vulnerability tracked as CVE-2024-23897 could enable remote code execution (RCE), potentially leading to unauthorized access and data compromise. Exploiting this vulnerability allows attackers to read any files on the Jenkins controller file system. FortiRecon ACI service has observed recent discussions related to CVE-2024-23897 on the Dark Web. Also, a Proof of Concept (PoC) exploit has been made publicly …