{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2024-23897","assignerOrgId":"39769cd5-e6e2-4dc8-927e-97b3aa056f5b","state":"PUBLISHED","assignerShortName":"jenkins","dateReserved":"2024-01-23T12:46:51.263Z","datePublished":"2024-01-24T17:52:22.842Z","dateUpdated":"2025-10-21T23:05:25.971Z"},"containers":{"cna":{"affected":[{"defaultStatus":"affected","product":"Jenkins","vendor":"Jenkins Project","versions":[{"lessThan":"1.606","status":"unaffected","version":"0","versionType":"maven"},{"lessThan":"*","status":"unaffected","version":"2.442","versionType":"maven"},{"lessThan":"2.426.*","status":"unaffected","version":"2.426.3","versionType":"maven"},{"lessThan":"2.440.*","status":"unaffected","version":"2.440.1","versionType":"maven"}]}],"descriptions":[{"lang":"en","value":"Jenkins 2.441 and earlier, LTS 2.426.2 and earlier does not disable a feature of its CLI command parser that replaces an '@' character followed by a file path in an argument with the file's contents, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller file system."}],"providerMetadata":{"orgId":"39769cd5-e6e2-4dc8-927e-97b3aa056f5b","shortName":"jenkins","dateUpdated":"2024-04-15T15:06:41.647Z"},"references":[{"name":"Jenkins Security Advisory 2024-01-24","tags":["vendor-advisory"],"url":"https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"},{"url":"https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/"},{"url":"http://www.openwall.com/lists/oss-security/2024/01/24/6"},{"url":"http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html"},{"url":"http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html"}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-19T07:48:11.721Z"},"title":"CVE Program Container","references":[{"name":"Jenkins Security Advisory 2024-01-24","tags":["vendor-advisory","x_transferred"],"url":"https://www.jenkins.io/security/advisory/2024-01-24/#SECURITY-3314"},{"url":"https://www.sonarsource.com/blog/excessive-expansion-uncovering-critical-security-vulnerabilities-in-jenkins/","tags":["x_transferred"]},{"url":"http://www.openwall.com/lists/oss-security/2024/01/24/6","tags":["x_transferred"]},{"url":"http://packetstormsecurity.com/files/176839/Jenkins-2.441-LTS-2.426.3-CVE-2024-23897-Scanner.html","tags":["x_transferred"]},{"url":"http://packetstormsecurity.com/files/176840/Jenkins-2.441-LTS-2.426.3-Arbitrary-File-Read.html","tags":["x_transferred"]},{"url":"https://www.vicarius.io/vsociety/posts/the-anatomy-of-a-jenkins-vulnerability-cve-2024-23897-revealed-1"}]},{"metrics":[{"cvssV3_1":{"scope":"UNCHANGED","version":"3.1","baseScore":9.8,"attackVector":"NETWORK","baseSeverity":"CRITICAL","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","integrityImpact":"HIGH","userInteraction":"NONE","attackComplexity":"LOW","availabilityImpact":"HIGH","privilegesRequired":"NONE","confidentialityImpact":"HIGH"}},{"other":{"type":"ssvc","content":{"id":"CVE-2024-23897","role":"CISA Coordinator","options":[{"Exploitation":"active"},{"Automatable":"yes"},{"Technical Impact":"total"}],"version":"2.0.3","timestamp":"2024-08-19T15:35:31.038735Z"}}},{"other":{"type":"kev","content":{"dateAdded":"2024-08-19","reference":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-23897"}}}],"affected":[{"cpes":["cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"],"vendor":"jenkins","product":"jenkins","versions":[{"status":"unaffected","version":"0","lessThan":"1.606","versionType":"maven"},{"status":"unaffected","version":"2.442","lessThan":"*","versionType":"maven"},{"status":"unaffected","version":"2.426.3","lessThan":"2.427","versionType":"maven"},{"status":"unaffected","version":"2.440.1","lessThan":"2.441","versionType":"maven"}],"defaultStatus":"affected"},{"cpes":["cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"],"vendor":"jenkins","product":"jenkins","versions":[{"status":"unaffected","version":"0","lessThan":"1.606","versionType":"maven"},{"status":"unaffected","version":"2.442","lessThan":"*","versionType":"maven"},{"status":"unaffected","version":"2.426.3","lessThan":"2.427","versionType":"maven"},{"status":"unaffected","version":"2.440.1","lessThan":"2.441","versionType":"maven"}],"defaultStatus":"affected"},{"cpes":["cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"],"vendor":"jenkins","product":"jenkins","versions":[{"status":"unaffected","version":"0","lessThan":"1.606","versionType":"maven"},{"status":"unaffected","version":"2.442","lessThan":"*","versionType":"maven"},{"status":"unaffected","version":"2.426.3","lessThan":"2.427","versionType":"maven"},{"status":"unaffected","version":"2.440.1","lessThan":"2.441","versionType":"maven"}],"defaultStatus":"affected"},{"cpes":["cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*"],"vendor":"jenkins","product":"jenkins","versions":[{"status":"unaffected","version":"0","lessThan":"1.606","versionType":"maven"},{"status":"unaffected","version":"2.442","lessThan":"*","versionType":"maven"},{"status":"unaffected","version":"2.426.3","lessThan":"2.427","versionType":"maven"},{"status":"unaffected","version":"2.440.1","lessThan":"2.441","versionType":"maven"}],"defaultStatus":"affected"}],"references":[{"url":"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-23897","tags":["government-resource"]}],"problemTypes":[{"descriptions":[{"lang":"en","type":"CWE","cweId":"CWE-27","description":"CWE-27 Path Traversal: 'dir/../../filename'"}]}],"timeline":[{"time":"2024-08-19T00:00:00.000Z","lang":"en","value":"CVE-2024-23897 added to CISA KEV"}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-10-21T23:05:25.971Z"}}]}}