PatchSiren cyber security CVE debrief

CVE-2024-23897 Jenkins CVE debrief

CVE-2024-23897 affects the Jenkins Command Line Interface (CLI) and is listed by CISA as a Known Exploited Vulnerability. The source metadata also marks it as associated with known ransomware campaign use. Because it is in the KEV catalog, defenders should treat it as an active risk and apply the vendor guidance promptly.

Vendor: Jenkins
Product: Jenkins Command Line Interface (CLI)
CVSS: Unknown
CISA KEV: Listed
Original CVE published: 2024-08-19
Original CVE updated: 2024-08-19
Advisory published: 2024-08-19
Advisory updated: 2024-08-19

Who should care

Jenkins administrators, security operations teams, and asset owners responsible for Jenkins deployments that use the CLI.

Technical summary

The vulnerability is described as a path traversal issue in the Jenkins Command Line Interface (CLI). CISA’s KEV entry identifies it as actively exploited and references the Jenkins security advisory and NVD record for further details.

Defensive priority

High priority. The KEV listing and known ransomware campaign use indicate this should be addressed urgently using vendor mitigations or by discontinuing use if mitigations are unavailable.

Recommended defensive actions

  • Review the Jenkins security advisory referenced by the KEV entry and apply the vendor’s mitigations or remediation steps immediately.
  • If effective mitigations are not available in your environment, discontinue use of the affected product or exposed feature as CISA advises.
  • Inventory Jenkins instances and verify whether the CLI is enabled or reachable in your deployment.
  • Increase monitoring for suspicious access patterns and unexpected file access activity on Jenkins systems.
  • Track exposure and remediation status as an urgent item until the affected Jenkins instances are confirmed protected.
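As an added example for the inventory and monitoring steps above (not code from the PatchSiren debrief or from the Jenkins project), a small Python triage helper: it reads the version Jenkins reports in its X-Jenkins response header, compares it only against its own release line (weekly versus LTS) using the fixed versions you copy from the vendor advisory (left as placeholders here), and records whether the /cli endpoint (assumed to be the CLI path) answered at all. Host URLs are yours; the fixed-version thresholds are assumptions until filled from the advisory.

```python
import re
import sys
import urllib.request
from urllib.error import HTTPError, URLError

FIXED_WEEKLY = None  # placeholder: first fixed weekly version ("2.NNN") from the Jenkins advisory
FIXED_LTS = None     # placeholder: first fixed LTS version ("2.NNN.N") from the same advisory

def parse_version(text):
    """Parse an X-Jenkins header value into an int tuple, or None if unparsable."""
    m = re.fullmatch(r"(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    return tuple(int(p) for p in m.groups() if p is not None) if m else None

def needs_patch(version, fixed_weekly, fixed_lts):
    """Compare an instance only against its own release line (3 parts = LTS, 2 = weekly)."""
    fixed = fixed_lts if len(version) == 3 else fixed_weekly
    return version < fixed

def assess(headers, cli_status, fixed_weekly, fixed_lts):
    """Classify one instance from its login-page headers and the GET /cli status."""
    lowered = {k.lower(): v for k, v in headers.items()}
    version = parse_version(lowered.get("x-jenkins", ""))
    cli_reachable = cli_status not in (None, 404)   # any other answer: endpoint exists
    if version is None:
        verdict = "unknown-version: verify manually"
    elif needs_patch(version, fixed_weekly, fixed_lts):
        verdict = "patch-urgently" if cli_reachable else "patch-and-confirm-cli-disabled"
    else:
        verdict = "fixed-version"
    return {"version": version, "cli_reachable": cli_reachable, "verdict": verdict}

def probe(base_url, timeout=5):
    """Fetch login-page headers and the HTTP status of /cli (assumed CLI path)."""
    def get(path):
        try:
            with urllib.request.urlopen(base_url.rstrip("/") + path, timeout=timeout) as r:
                return r.status, dict(r.headers)
        except HTTPError as e:   # 401/403/404 still mean the endpoint answered
            return e.code, dict(e.headers)
        except URLError:
            return None, {}
    return get("/login")[1], get("/cli")[0]

if __name__ == "__main__":   # usage: python triage.py https://ci.example.internal ...
    if FIXED_WEEKLY is None or FIXED_LTS is None:
        sys.exit("set FIXED_WEEKLY and FIXED_LTS from the vendor advisory first")
    fw, fl = parse_version(FIXED_WEEKLY), parse_version(FIXED_LTS)
    for url in sys.argv[1:]:
        headers, cli_status = probe(url)
        print(url, assess(headers, cli_status, fw, fl))
```

A 404 from /cli is treated as "endpoint not present"; any other response is reported so the operator can confirm the CLI state against the advisory's guidance.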

Evidence notes

CISA’s Known Exploited Vulnerabilities JSON lists CVE-2024-23897 for Jenkins Command Line Interface (CLI) as a path traversal vulnerability, with dateAdded 2024-08-19 and dueDate 2024-09-09. The source metadata also records the known ransomware campaign use field as Known. The source notes reference the Jenkins advisory and the NVD record.

Official resources

Public CVE and KEV data available as of 2024-08-19. This debrief relies on the supplied source corpus and official records only.