GobyVuls/Jenkins_args4j_file_read_vulnerability_(CVE-2024-23897).md

Jenkins args4j file read vulnerability (CVE-2024-23897)

Vulnerability	Jenkins args4j file read vulnerability (CVE-2024-23897)
Chinese name	Jenkins args4j 文件读取漏洞（CVE-2024-23897）
CVSS core	9.8
FOFA Query (click to view the results directly)	app="Jenkins"
Number of assets affected	729753
Description	CloudBees Jenkins (formerly known as Hudson Labs) is a set of Java-based continuous integration tools developed by American CloudBees Company. It is mainly used to monitor continuous software version release/test projects and some regularly executed tasks.Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., causing the website to be in an extremely unsafe state.
Impact	Attackers can use this vulnerability to read important system files (such as database configuration files, system configuration files), database configuration files, etc., causing the website to be in an extremely unsafe state.

.