CVE-2024-23897

Warnung

Medienbericht

Exploit

EPSS 94.47%
Veröffentlicht 24.01.2024 18:15:09
Zuletzt bearbeitet 20.12.2024 17:30:33
Quelle jenkinsci-cert@googlegroups.co
Teams Watchlist Login
Unerledigt Login

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 2 Referenzen 9

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Jenkins ≫ Jenkins SwEditionlts Version < 2.426.3

Jenkins ≫ Jenkins SwEdition- Version < 2.442

19.08.2024: CISA Known Exploited Vulnerabilities (KEV) Catalog

Jenkins Command Line Interface (CLI) Path Traversal Vulnerability

Schwachstelle

Jenkins Command Line Interface (CLI) contains a path traversal vulnerability that allows attackers limited read access to certain files, which can lead to code execution.

Beschreibung

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	94.47%	1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

CWE-27 Path Traversal: 'dir/../../filename'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize multiple internal "../" sequences that can resolve to a location that is outside of that directory.

http://www.openwall.com/lists/oss-security/2024/01/24/6

Mailing List

http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html

Third Party Advisory

VDB Entry

http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html

Third Party Advisory

Exploit

VDB Entry

https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314

Vendor Advisory

https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/