Trend Micro is a bit late talking about CVE-2024-23897 (9.8 critical, disclosed 24 January 2024, has Proof of Concept), the Jenkins server arbitrary file read vulnerability. The vulnerability exists in the args4j library, allowing an unauthenticated user to read the first few lines of any file on the file system, leading to remote code execution. If I'm reading this correctly, Trend Micro reports active exploitation of CVE-2024-23897, predominantly from the Netherlands (no IOC provided). https://www.trendmicro.com/en_us/research/24/c/cve-2024-23897.html They provide vulnerability analyses similar to SonarSource's, explaining attack scenarios and what commands are available to both unauthenticated and authenticated users.
#CVE_2024_23897 #Jenkins #RCE #eitw #activeexploitation #PoC #proofofconcept #vulnerability