Security News > 2024 > January > Jenkins jitters as 45,000 servers still vulnerable to RCE attacks after patch released
The number of public-facing installs of Jenkins servers vulnerable to a recently disclosed critical vulnerability is in the tens of thousands.
Trailing them are India, Germany, Republic of Korea, France, and the UK. The revelation of the vast attack surface comes days after multiple exploits were made public on January 26 - themselves released just two days after the coordinated disclosure from Jenkins and Yaniv Nizry, the researcher at Sonar who first discovered the vulnerability.
CVE-2024-23897 is the critical vulnerability disclosed by Sonar and the main reason for Jenkins attracting so much attention from the infosec community of late, although a separate high-severity flaw was also disclosed.
"As of publication of this advisory, the Jenkins security team has found ways to read the first three lines of files in recent releases of Jenkins without having any plugins installed, and has not identified any plugins that would increase this line count," the advisory reads.
The Jenkins team went on to detail the various different types of feasible attacks that could play out if the vulnerability was exploited, each resulting in different types of sensitive data being exposed.
Jenkins commonly uses 32-byte random binary secrets meaning attackers would need to correctly guess 16 bytes, which the developers said is "Unfeasible."
News URL
https://go.theregister.com/feed/www.theregister.com/2024/01/30/jenkins_rce_flaw_patch/
Related news
- 'Patch yesterday': Zimbra mail servers under siege through RCE vuln (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- VMware fixes bad patch for critical vCenter Server RCE flaw (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-24 | CVE-2024-23897 | Path Traversal vulnerability in Jenkins Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system. | 9.8 |