CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks
20 August 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.
The vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.
"Jenkins Command Line Interface (CLI) contains a