Security News > 2024 > August > CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-01-24 CVE-2024-23897 Path Traversal vulnerability in Jenkins
Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.
network
low complexity
jenkins CWE-22
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jenkins 628 54 1092 359 70 1575