Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

July 9, 2024 at 08:13AM Researchers found that misconfigured Jenkins Script Console instances can be exploited for criminal activities, like cryptocurrency mining. Attackers can gain remote code execution and misuse sensitive data. The console lacks administrative controls and can be accessed over the internet due to misconfigurations. Safeguards include proper configuration, robust authentication, and restriction …

Turning Jenkins Into a Cryptomining Machine From an Attacker’s Perspective

July 5, 2024 at 05:04AM Summary: The blog entry discusses how attackers can use the Jenkins Script Console for cryptomining by executing malicious Groovy scripts if the console is not properly configured. Misconfigurations and vulnerable Jenkins servers can enable remote code execution and the deployment of cryptocurrency miners. The entry also provides mitigations and indicators …

45k Jenkins servers exposed to RCE attacks using public exploits

January 29, 2024 at 05:07PM Security researchers discovered about 45,000 vulnerable Jenkins instances online, susceptible to CVE-2023-23897, a critical flaw allowing remote code execution. The issue originates from an automatic file reading feature, potentially leading to arbitrary command execution. There are multiple public PoC exploits available, posing a significant threat to unpatched Jenkins servers globally. …

PoC Exploit Published for Critical Jenkins Vulnerability

January 29, 2024 at 11:12AM It is critical to update to the latest Jenkins versions due to a recently disclosed vulnerability (CVE-2024-23897). The security flaw in Jenkins versions before 2.442 and LTS 2.426.3 allows attackers to read sensitive information and execute arbitrary code. Organizations are urged to update to the patched versions or disable the …

Exploits released for critical Jenkins RCE flaw, patch now

January 28, 2024 at 12:17PM Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to access arbitrary files have been made public. SonarSource discovered two flaws, one granting unauthorized file reading and the other enabling arbitrary command execution. Jenkins released fixes with an advisory, and PoCs have been created, with active attacks reported. …

Critical Jenkins Vulnerability Exposes Servers to RCE Attacks – Patch ASAP!

January 25, 2024 at 11:38AM Jenkins recently resolved nine security flaws, including a critical bug (CVE-2024-23897) enabling remote code execution. An arbitrary file read vulnerability through the command line interface was identified. Attackers could exploit this to read arbitrary files on the Jenkins controller file system. The flaw was discovered by Yaniv Nizry and fixed …