all InfoSec news
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897)
FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com
Cyber threat actors are actively targeting Jenkins, a Java-based open-source automation server widely used by application developers. The critical vulnerability tracked as CVE-2024-23897 could enable remote code execution (RCE) potentially leading to unauthorized access and data compromise. Exploiting this vulnerability allows attackers to read any files on the Jenkins controller file system.FortiRecon ACI service has observed recent discussions related to CVE-2024-23897 on the Dark Web. Also, a Proof of Concept (PoC) exploit has been made publicly …
access application application developers attackers automation code code execution compromise controller critical critical vulnerability cve cve-2024-23897 cyber cyber threat cyber threat actors data developers enable exploiting file files java jenkins rce remote code remote code execution server targeting threat threat actors unauthorized unauthorized access vulnerability what is