45k Jenkins servers exposed globally due to CVE-2024-23897 (CVSS 9.8) vulnerability

The security vulnerability has affected around 45000 Jenkins servers across the globe. By exploiting the vulnerability, an attacker can gain access to sensitive data such as source code, SSH keys, credentials, build artifacts, and binary secrets. Learn more about how SharkStriker helps its clients and partners stay secured from the impact of the CVE-2024-23897 vulnerability.


More than 45000 Jenkins servers are exposed to the security vulnerability CVE-2024-23897, which has been assigned a critical CVSS score of 9.8.

The impact on businesses is global: 15806 exposed instances are in the US, 11955 in China, 3572 in India, 2204 in the Republic of Korea, 1482 in France, and 1179 in the UK.

Exploits were first made public on 26 January. Fixes for the file read flaw are available in versions 2.442 and LTS 2.426.3. Security experts are currently working on effective patches for this vulnerability.

Jenkins is a renowned open-source automation server for Continuous Integration and Continuous Development (CI/CD). According to recent reports, approximately 45,000 Jenkins servers have been exposed to Remote Code Execution (RCE) attacks[1]. These servers are vulnerable to a critical remote code execution flaw known as CVE-2024-23897[1]. This vulnerability allows attackers to gain unauthorized access to sensitive data such as source code, SSH keys, credentials, build artifacts, and binary secrets[1][4].

It is important for organizations running Jenkins servers to take immediate action to secure their systems by patching the vulnerability and ensuring that their servers are not exposed to the public internet.
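A first step in that patching effort is knowing which Jenkins instances in your inventory still run a version older than the fixed releases named above. The script below is an added example and is not SharkStriker's or the Jenkins project's code; it assumes Jenkins' usual numbering, where weekly releases look like `2.N` and LTS releases like `2.N.M`, and the host names in it are constructed.

```python
# Added example (not from the original post): triage Jenkins version strings
# against the fix versions 2.442 (weekly line) and 2.426.3 (LTS line).
# Assumption: weekly releases are "2.N", LTS releases are "2.N.M".
from typing import Dict, Optional, Tuple

FIXED_WEEKLY = (2, 442)
FIXED_LTS = (2, 426, 3)


def parse_version(version: str) -> Optional[Tuple[int, ...]]:
    """Turn '2.426.2' into (2, 426, 2); return None for unparsable input."""
    parts = version.strip().split(".")
    if len(parts) not in (2, 3) or not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)


def is_vulnerable(version: str) -> Optional[bool]:
    """True if the version predates the fix for its release line.

    Three-component versions are compared against the LTS fix 2.426.3,
    two-component versions against the weekly fix 2.442. Returns None
    when the string cannot be parsed so unknown versions get reviewed.
    """
    parsed = parse_version(version)
    if parsed is None:
        return None
    if len(parsed) == 3:
        return parsed < FIXED_LTS
    return parsed < FIXED_WEEKLY


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Label each host in {host: version} as vulnerable, fixed or unknown."""
    labels = {}
    for host, version in inventory.items():
        state = is_vulnerable(version)
        if state is None:
            labels[host] = "unknown"
        else:
            labels[host] = "vulnerable" if state else "fixed"
    return labels


if __name__ == "__main__":
    # Constructed sample inventory; these are not real hosts.
    sample = {"ci-1.example.test": "2.426.2", "ci-2.example.test": "2.442",
              "ci-3.example.test": "2.441", "ci-4.example.test": "n/a"}
    for host, label in triage(sample).items():
        print(f"{host}: {label}")
```

A version below the fix threshold means the instance needs updating; it does not by itself tell you whether the server is reachable from the internet, which is the second condition the paragraph above asks you to close.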