all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Jenkins Arbitrary File Leak Vulnerability, CVE-2024-23897, Can Lead To RCE

Add to bookmarks
Feb. 6, 2024, 11:44 p.m. | Avinash Kumar

Security Boulevard securityboulevard.com

Introduction


Jenkins, a Java-based open-source automation server widely used by developers for application building, testing, and deployment, has issued an advisory about a critical vulnerability that could potentially enable remote code execution (RCE).


This vulnerability, identified as CVE-2024-23897, poses a high risk and affects Jenkins integrated command line interfaces (CLI). With a CVSS score of 9.8, unauthorized access to files through the CLI is possible, potentially leading to RCE.


In addition to file access, CVE-2024-23897 can be leveraged to access …

advisory application automation building can cli code code execution command command line critical critical vulnerability cve cve-2024-23897 deployment developers enable file high introduction java jenkins leak rce remote code remote code execution risk server testing vulnerability

Visit resource

More from securityboulevard.com / Security Boulevard

Dropbox Hacked: eSignature Service Breached 5 hours ago | securityboulevard.com
application security appsec breached cloud security +39
USENIX Security ’23 – “My Privacy for their Security”: Employees’ Privacy Perspectives and Expectations when … 6 hours ago | securityboulevard.com
access authors conference employees +17
Key Areas Where Open-Source Security Needs to Evolve 7 hours ago | securityboulevard.com
cybersecurity cybersecurity experts effect experts +10
News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform 8 hours ago | securityboulevard.com
alert browser browser security capital +26
Strata Identity Names Granville Schmidt Chief Architect 8 hours ago | securityboulevard.com
advancements appointed april architect +22
LayerX Security Raises $24M for its Browser Security Platform, Enabling Employees to Work Securely from … 8 hours ago | securityboulevard.com
adoption browser browser security companies +14
Survalyzer SPF and DKIM configuration: Step By Step Guideline 8 hours ago | securityboulevard.com
article blog configuration dkim +6
Vtiger SPF & DKIM Setup: Step By Step Guideline 9 hours ago | securityboulevard.com
amp blog businesses cloud +11
Spamhero SPF and DKIM configuration: Step By Step Guideline 9 hours ago | securityboulevard.com
article blog configuration dkim +6

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Information Security Engineer, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

BaaN IV Techno-functional consultant-On-Balfour

@ Marlabs | Piscataway, US
View on infosec-jobs.com

Senior Security Analyst

@ BETSOL | Bengaluru, India
View on infosec-jobs.com

Security Operations Centre Operator

@ NEXTDC | West Footscray, Australia
View on infosec-jobs.com

Senior Network and Security Research Officer

@ University of Toronto | Toronto, ON, CA
View on infosec-jobs.com
View more jobs