Base Score

CRITICAL9.8

CVE-2024-23897

Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system.

VectorNETWORK

Published Byjenkinsci-cert@googlegroups.com

Published DateJan 24, 2024, 18:15

Affected Versions(3)

org.jenkins-ci.main:jenkins-core(Maven)

Introduced1.606

Fixed2.426.3

LimitN/A

org.jenkins-ci.main:jenkins-core(Maven)

Introduced2.427

Fixed2.440.1

LimitN/A

org.jenkins-ci.main:jenkins-core(Maven)

Introduced2.441

Fixed2.442

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
org.jenkins-ci.main:jenkins-core(Maven)	1.606	2.426.3	N/A
org.jenkins-ci.main:jenkins-core(Maven)	2.427	2.440.1	N/A
org.jenkins-ci.main:jenkins-core(Maven)	2.441	2.442	N/A

Weakness Type (CWE):CWE-22

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

CRITICAL

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH

References

Base Score

CRITICAL9.8

Weakness Type (CWE):CWE-22

CVSS Metrics

Base Score

9.8

Vector String

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Base Severity

CRITICAL

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

LOW

Privileges Required (PR)

NONE

User Interaction (UI)

NONE

Scope (S)

UNCHANGED

Confidentiality (C)

HIGH

Integrity (I)

HIGH

Availability (A)

HIGH