Help
FortiNDRCloud
SaaS based NDR solution providing 365 days data retention, along with Technical Success Manager
kcheung
Staff
Staff

Created on ‎08-31-2024 05:11 AM Edited on ‎09-04-2024 11:20 AM

Article Id 337918

FortiGuard Outbreak Alert: Jenkins RCE Attack

Description

CVE-2024-23897 is a arbitrary file read vulnerability in Jenkins CLI which allows unauthenticated attackers to read lines of files on the system. This information obtained could be leveraged to perform remote code execution.


The following versions of Jenkins are affected:

  • Jenkins 2.441 or earlier
  • Jenkins LTS 2.426.2 or earlier

CVE ID

CVE-2024-23897 (https://nvd.nist.gov/vuln/detail/CVE-2024-23897)

NDR Cloud Detection Rule

FortiNDR Cloud v2024.8+

Detection Rule Name 

Category 

Primary MITRE ID 
FortiGuard Outbreak Alert: Jenkins Arbitrary File Read RCE
Attack: Exploitation

T1190 -  Exploit Public-Facing Application

Playbook

 N/A
Threat Hunting

N/A
Suricata Coverage

Customers can create custom investigation/detections using the Suricata signatures below
2050517 -> ET EXPLOIT Jenkins Unauthenticated RCE Attempt Observed (CVE-2024-23897)

Other Fortinet Products

For more details regarding mitigating the vulnerability by utilizing Fortinet products, please refer to
https://www.fortiguard.com/outbreak-alert/jenkins-rce
538
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.