Critical Remote Code Execution Flaws Uncovered in Jenkins
Critical Remote Code Execution Flaws Uncovered in Jenkins
Summary:
Multiple vulnerabilities have been discovered in Jenkins and number of associated plugins, allowing attackers unauthorized data access and execute arbitrary commands. The critical vulnerability CVE-2024-23897, allows attackers to read system files and opens number of attack vectors associated with Remote Code Execution.
Threat Level – Red | Vulnerability Report
For a detailed threat advisory, download the pdf file here
To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.