all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Add to bookmarks
Jan. 29, 2024, 11:30 a.m. | Helga Labus

Help Net Security www.helpnetsecurity.com

Several proof-of-concept (PoC) exploits for a recently patched critical vulnerability (CVE-2024-23897) in Jenkins has been made public and there’s evidence of exploitation in the wild. About CVE-2024-23897 Jenkins is a widely used Java-based open-source automation server that helps developers build, test and deploy applications, enabling continuous integration (CI) and continuous delivery (CD). CVE-2024-23897 is an arbitrary file read vulnerability in Jenkins’ built-in command line interface (CLI) that could allow an unauthenticated threat actor with Overall/Read … More →


The post …

applications automation build concept continuous continuous integration critical critical vulnerability cve cve-2024-23897 deploy developers don't miss exploit exploitation exploited exploits flaw hot stuff integration java jenkins open source patch poc proof proof-of-concept public rce security update server sonarsource test vulnerability

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Abnormal extends Account Takeover Protection to cloud apps, introduces AI Security Mailbox 21 minutes ago | www.helpnetsecurity.com
abnormal abnormal security account account takeover +27
Dynatrace enhances its platform with new Kubernetes Security Posture Management capabilities 56 minutes ago | www.helpnetsecurity.com
acquisition announcement capabilities compliance +19
Akamai to acquire Noname for $450 million 2 hours ago | www.helpnetsecurity.com
accelerate agreement akamai akamai technologies +20
Ransomware operations are becoming less profitable 3 hours ago | www.helpnetsecurity.com
availability backups chainalysis cyber +23
Vectra AI Platform enhancements combat GenAI attacks 4 hours ago | www.helpnetsecurity.com
abusing adoption ai platform attack +24
BigID introduces dual-scanning capabilities for cloud native workloads 4 hours ago | www.helpnetsecurity.com
advancement bigid capabilities cloud +21
Cranium AI Exposure Management Solution helps organizations secure internal and third-party AI systems 5 hours ago | www.helpnetsecurity.com
ai solutions architecture cranium exposure +21
Datadog Event Management helps teams reduce alert fatigue 5 hours ago | www.helpnetsecurity.com
aiops alert alert fatigue can +20
Forescout AI enables security leaders to make confident, informed decisions 6 hours ago | www.helpnetsecurity.com
ai capabilities business capabilities chatbot +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Information System Security Officer (ISSO)

@ LinQuest | Boulder, Colorado, United States
View on infosec-jobs.com

Project Manager - Security Engineering

@ MongoDB | New York City
View on infosec-jobs.com

Security Continuous Improvement Program Manager (m/f/d)

@ METRO/MAKRO | Düsseldorf, Germany
View on infosec-jobs.com

Senior JavaScript Security Engineer, Tools

@ MongoDB | New York City
View on infosec-jobs.com

Principal Platform Security Architect

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Staff Cyber Security Engineer (Emerging Platforms)

@ NBCUniversal | Englewood Cliffs, NEW JERSEY, United States
View on infosec-jobs.com
View more jobs