Fortra’s Alert Logic is researching a vulnerability in Jenkins’ built-in command line interface (CLI). This vulnerability, CVE-2024-23897, could allow an unauthenticated attacker with Overall/Read permission to read arbitrary files on the Jenkins controller file system. Customers are recommended to update to Jenkins 2.442, LTS 2.426.3.
Who is affected?
Versions prior to Jenkins 2.441, LTS 2.426.2 are vulnerable to CVE-2024-23897.
What can I do?
Customers are recommended to update to Jenkins 2.442, LTS 2.426.3 as soon as possible. If you are not able to update immediately, disabling access to the CLI until you are able to perform the update is expected to prevent exploitation. For more information, refer to Jenkins’ security advisory.
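A fleet-side check for the update guidance above, added here as an example and not Alert Logic's scanner logic or Jenkins' own code: it assumes you already hold a version string per controller (the inventory below is constructed) and flags each controller that is below the recommended release for its own line, so an LTS controller on 2.426.3 is not misreported merely because that number is lower than the weekly 2.442.

```python
# Added example: classify Jenkins controller versions against the update targets
# named in this advisory (weekly 2.442, LTS 2.426.3). Not Alert Logic's or
# Jenkins' code; the inventory values below are constructed sample data.
from __future__ import annotations

WEEKLY_FIXED = (2, 442)      # recommended weekly release from the advisory
LTS_FIXED = (2, 426, 3)      # recommended LTS release from the advisory

def parse_version(text: str) -> tuple[int, ...]:
    """Turn '2.426.3' into (2, 426, 3). Jenkins weekly releases carry two
    numeric components and LTS releases three; anything else is rejected
    rather than silently compared."""
    parts = text.strip().split(".")
    if len(parts) not in (2, 3) or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Jenkins version: {text!r}")
    return tuple(int(p) for p in parts)

def needs_update(text: str) -> bool:
    """True when the controller is below the recommended release for its own
    line. Comparing an LTS version against the weekly target would flag every
    LTS controller, including patched ones, so the line is chosen first."""
    version = parse_version(text)
    if len(version) == 3:            # LTS line: compare against 2.426.3
        return version < LTS_FIXED
    return version < WEEKLY_FIXED    # weekly line: compare against 2.442

# Constructed inventory: controller name -> version it reports
INVENTORY = {
    "ci-prod-01": "2.426.2",   # LTS, one patch behind the recommended release
    "ci-prod-02": "2.426.3",   # LTS, at the recommended release
    "ci-dev-01": "2.441",      # weekly, one release behind
    "ci-dev-02": "2.442",      # weekly, at the recommended release
    "ci-legacy": "2.387.1",    # older LTS line
}

def exposures(inventory: dict[str, str]) -> list[str]:
    """Controllers that should have an exposure raised for CVE-2024-23897."""
    return sorted(name for name, ver in inventory.items() if needs_update(ver))

if __name__ == "__main__":
    for name in exposures(INVENTORY):
        print(f"{name}: {INVENTORY[name]} -> update to 2.442 (weekly) or 2.426.3 (LTS)")
```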
How is Alert Logic helping me?
Alert Logic is actively researching this threat to build detection capabilities in addition to those listed below.
Vulnerability Scanning: Alert Logic released authenticated scan coverage to identify vulnerable instances. If the vulnerability is found, an exposure will be raised for CVE-2024-23897.
Network IDS: Alert Logic has released new, specific IDS signatures to aid in detection research; existing telemetry and generic signatures have been alerting on exploit attempts since January 26, 2024.
Log Management: Alert Logic has deployed and is actively monitoring log telemetry related to known IOCs.
Updates
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available. To follow updates for this vulnerability, click FOLLOW at the top of this article. You must be signed into the Support Center using your Alert Logic product credentials to follow this article.