CVE-2024-23897: Jenkins CLI Arbitrary File Read

Severity: CRITICAL (CVSS 9.8)
Published: 2024-01-24
Affected: Jenkins <= 2.441 / LTS <= 2.426.2
Weakness: CWE-22

Can Jenkins be exploited to read files?

Jenkins CLI treats @-prefixed arguments as file paths and substitutes the contents of the named file, allowing unauthenticated attackers to read arbitrary files on the Jenkins controller. When combined with access to Jenkins' binary secrets, this enables full RCE.

Impact & Exploitation

Exploited in the wild. Public PoC available. Enables reading Jenkins secrets, API tokens, and SSH keys, leading to complete CI/CD pipeline compromise.
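The first step for a defender is inventory: which controllers fall inside the affected ranges above? The following triage helper is an added example (not code from this page or from Precogs) that classifies a Jenkins version string against those ranges, treating two-component versions (e.g. 2.441) as weekly releases and three-component versions (e.g. 2.426.2) as LTS. It reads the version from the X-Jenkins response header that Jenkins sends; the sample header block embedded below is constructed.

```python
"""Version triage for CVE-2024-23897 (Jenkins CLI arbitrary file read).

Affected ranges from the advisory: weekly <= 2.441, LTS <= 2.426.2.
Weekly releases have two version components, LTS releases three.
"""
from typing import Optional, Tuple

AFFECTED_WEEKLY_MAX = (2, 441)
AFFECTED_LTS_MAX = (2, 426, 2)


def parse_version(text: str) -> Tuple[int, ...]:
    """Turn '2.426.2' into (2, 426, 2); reject anything non-numeric."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a Jenkins version: {text!r}")
    return tuple(int(p) for p in parts)


def release_line(version: str) -> str:
    """Classify by version shape: 3 components = LTS, 2 = weekly."""
    n = len(parse_version(version))
    if n == 3:
        return "LTS"
    if n == 2:
        return "weekly"
    raise ValueError(f"unexpected version shape: {version!r}")


def is_affected(version: str) -> bool:
    """True if the version is inside the affected range for its line."""
    v = parse_version(version)
    limit = AFFECTED_LTS_MAX if release_line(version) == "LTS" else AFFECTED_WEEKLY_MAX
    return v <= limit  # tuple comparison is component-wise, left to right


def version_from_headers(raw_headers: str) -> Optional[str]:
    """Extract the X-Jenkins header value from a raw HTTP response header block."""
    for line in raw_headers.splitlines():
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "x-jenkins":
            return value.strip()
    return None


def triage(raw_headers: str) -> str:
    """One-line verdict for a captured response, e.g. '2.426.2 (LTS): AFFECTED'."""
    version = version_from_headers(raw_headers)
    if version is None:
        return "unknown (no X-Jenkins header)"
    verdict = "AFFECTED" if is_affected(version) else "not affected"
    return f"{version} ({release_line(version)}): {verdict}"


# Constructed sample response headers, not captured from a real server.
SAMPLE_HEADERS = "HTTP/1.1 200 OK\r\nX-Jenkins: 2.426.2\r\nContent-Type: text/html\r\n"

if __name__ == "__main__":
    print(triage(SAMPLE_HEADERS))
```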

How Precogs AI Detects Jenkins CLI Arbitrary File Read

Precogs AI detects Jenkins CLI file read patterns through Binary DAST testing and identifies exposed Jenkins instances with vulnerable CLI access.


Precogs Research

This vulnerability intelligence report was analyzed and enriched by the Precogs AI Security Team. Our researchers continuously monitor emerging threats across AI code, LLM pipelines, and binary architectures to ensure accurate real-time remediation guidance.