45k Jenkins servers exposed globally due to CVE-2024-23897 (CVSS 9.8) vulnerability

February 2, 2024 United States, California, Walnut Creek Blvd Suite 20 9

Description

The vulnerability affects around 45000 Jenkins servers across the globe. By exploiting it, an attacker can gain access to sensitive data such as source code, SSH keys, credentials, build artifacts, and binary secrets. Learn more about how SharkStriker helps its clients and partners stay protected from the impact of CVE-2024-23897.

Overview

More than 45000 Jenkins servers are exposed to CVE-2024-23897, a security vulnerability that has been assigned a critical CVSS score of 9.8.

The impact on businesses is global: 15806 exposed instances are in the US, 11955 in China, 3572 in India, 2204 in the Republic of Korea, 1482 in France, and 1179 in the UK.

Exploits were first made public on 26 January, with fixes for the file read problems delivered in versions 2.442 and LTS 2.426.3. Security experts are currently working on effective patches for this vulnerability.

Jenkins is a renowned open-source automation server for Continuous Integration and Continuous Development (CI/CD). It eases building, testing, and deployment processes for de


Phone: 9255321900