From 316bda02d345ae521da9b642ac79131af5ba1a4b Mon Sep 17 00:00:00 2001 From: Goby <50955360+gobysec@users.noreply.github.com> Date: Fri, 26 Jan 2024 19:50:43 +0800 Subject: [PATCH] Update GobyVuls-Document.md --- GobyVuls-Document.md | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/GobyVuls-Document.md b/GobyVuls-Document.md index 7b57702..97711b7 100644 --- a/GobyVuls-Document.md +++ b/GobyVuls-Document.md 
@@ -1,7 +1,21 @@ # Goby History Update Vulnerability Total Document (Continuously Update) The following content is an updated vulnerability from Goby. Some of the vulnerabilities are recorded on the screen for easy viewing. -**Updated document date: January 24, 2024** +**Updated document date: January 26, 2024** + +## Jenkins args4j file read vulnerability (CVE-2024-23897) + +| **Vulnerability** | Jenkins args4j file read vulnerability (CVE-2024-23897) | +| :----: | :-----| +| **Chinese name** | Jenkins args4j 文件读取漏洞(CVE-2024-23897) | +| **CVSS core** | 9.8 | +| **FOFA Query** (click to view the results directly)| [app="Jenkins"](https://en.fofa.info/result?qbase64=aGVhZGVyPSJYLUplbmtpbnMiIHx8IGJhbm5lcj0iWC1KZW5raW5zIiB8fCBoZWFkZXI9IlgtSHVkc29uIiB8fCBiYW5uZXI9IlgtSHVkc29uIiB8fCBoZWFkZXI9IlgtUmVxdWlyZWQtUGVybWlzc2lvbjogaHVkc29uLm1vZGVsLkh1ZHNvbi5SZWFkIiB8fCBiYW5uZXI9IlgtUmVxdWlyZWQtUGVybWlzc2lvbjogaHVkc29uLm1vZGVsLkh1ZHNvbi5SZWFkIiB8fCBib2R5PSJKZW5raW5zLUFnZW50LVByb3RvY29scyI%3D)| +| **Number of assets affected** | 729753 | +| **Description** | CloudBees Jenkins (formerly known as Hudson Labs) is a set of Java-based continuous integration tools developed by American CloudBees Company. It is mainly used to monitor continuous software version release/test projects and some regularly executed tasks.Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., causing the website to be in an extremely unsafe state. | +| **Impact** | Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., causing the website to be in an extremely unsafe state. | + +![](https://s3.bmp.ovh/imgs/2024/01/26/bb74a2a4f3c0cdbc.gif). +
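Review bot: The **Description** row of the new CVE-2024-23897 table never says what the flaw is. After the product blurb it repeats the **Impact** row word for word, and that sentence lists "database configuration files" twice. The heading names args4j, so the Description should state in one sentence where the file read occurs, and should give the affected version range and a link to the vendor advisory so readers can check their own instances. The consequence text can then live only under Impact. Smaller points in the same hunk: "CVSS core" looks like a typo for "CVSS score"; a space is missing in "tasks.Attackers"; the image line ends with a stray "." after the closing parenthesis; and the FOFA link label `app="Jenkins"` differs from the query encoded in `qbase64`, which matches on `X-Jenkins` / `X-Hudson` headers and banners, so the label should either show that query or note that it is shorthand.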