CVE-2024-23897: Jenkins CLI Arbitrary File Read via args4j @ Expansion

CVSS 9.8 (CRITICAL) | Jenkins < 2.442 | Unauthenticated Arbitrary File Read → Credential Disclosure → RCE

Executive Summary

CVE-2024-23897 is a critical arbitrary file read vulnerability in Jenkins CLI's argument parsing. By exploiting the args4j library's @<filepath> expansion feature, unauthenticated attackers can read arbitrary files from the Jenkins server, including sensitive credentials, SSH keys, and configuration files. This file read primitive serves as the initial step in a multi-stage attack chain culminating in remote code execution and complete CI/CD pipeline compromise.

Key Facts:

• Authentication required: None (unauthenticated file read)
• Attack vector: Jenkins CLI endpoint (/cli)
• Impact: Credential disclosure, SSH key theft, configuration exposure
• CISA KEV status: Actively exploited in the wild
• Follow-up exploitation: Credentials → Groovy script console → RCE

Vulnerability Mechanics

Jenkins CLI uses the args4j library to parse command-line arguments. The library supports @<filepath> syntax to read arguments from files. The vulnerability chain:

1. Unauthenticated CLI Access

Jenkins CLI endpoint (/cli) is accessible without authentication by design (certain commands require auth, but initial connection does not)

2. args4j @ Expansion

Attacker sends CLI command with argument @/path/to/sensitive/file

3. File Content Substitution

args4j reads the specified file and substitutes its contents into the command argument

4. Error Response Leakage

If the file content is invalid as a command argument, Jenkins returns an error message containing the first N lines of the file

5. Iterative Exfiltration

Attacker repeats with different file paths to exfiltrate credentials, keys, configs

Root Cause: args4j's @<filepath> expansion feature enabled without path validation or authentication checks[^1].

Attack Surface

Affected Versions

• Jenkins weekly: < 2.442
• Jenkins LTS: < 2.426.3

Patched in: Jenkins 2.442, 2.426.3

Prerequisites

• Jenkins instance with CLI remoting enabled (default)
• Network access to Jenkins /cli endpoint (port 8080 or 443)
• No authentication required for initial file read

Attack Vector

# Basic exploitation
curl -X POST http://jenkins.target.com:8080/cli \
  -H "Session: " \
  -H "Side: download" \
  -d "help @/etc/passwd"

# Response contains /etc/passwd contents in error message

High-Value Targets

Attackers target these files for credential harvesting:

Jenkins Secrets:

/var/lib/jenkins/secrets/master.key       # Jenkins encryption key
/var/lib/jenkins/secrets/hudson.util.Secret  # Credential decryption
/var/lib/jenkins/credentials.xml          # Stored credentials
/var/lib/jenkins/config.xml               # Global config (API tokens)

SSH Keys:

/var/lib/jenkins/.ssh/id_rsa              # Jenkins SSH private key
/root/.ssh/id_rsa                         # Root SSH key (if Jenkins runs as root)
/home/<user>/.ssh/id_rsa                  # Service account SSH keys

Cloud Credentials:

/var/lib/jenkins/.aws/credentials         # AWS access keys
/var/lib/jenkins/.kube/config             # Kubernetes cluster credentials
/var/lib/jenkins/.docker/config.json      # Docker registry credentials

Post-Exploitation Chain

1. File read (CVE-2024-23897): Extract admin credentials, SSH keys

2. Authentication: Login with stolen credentials

3. Groovy script console access: Admin-level feature for arbitrary code execution

4. RCE: Execute system commands via Groovy scripts

5. Lateral movement: Use Jenkins as pivot to build servers, production deployments, cloud infrastructure

Real-World Exploitation

CI/CD Supply Chain Attacks

Jenkins is the central nervous system of CI/CD pipelines. Compromising Jenkins enables:

Source Code Access:

Jenkins has read/write access to Git repositories (GitHub, GitLab, Bitbucket). Attackers can:

• Inject malicious code into repositories
• Steal proprietary source code
• Backdoor build artifacts

Build Environment Compromise:

Jenkins executes builds on worker nodes. Attackers gain:

• Access to build secrets (API keys, database passwords)
• Ability to inject malware into build artifacts
• Control over deployment pipelines

Production Deployment:

Jenkins deploys to production environments. Attackers can:

• Deploy backdoored applications
• Exfiltrate production credentials
• Pivot to production infrastructure

Observed Attack Patterns

According to Jenkins Security Advisory, exploitation began within 24 hours of CVE disclosure (January 24, 2024)[^2]:

Stage 1: Reconnaissance
- Scan for /cli endpoint
- Test for args4j @ expansion
- Enumerate file system structure

Stage 2: Credential Harvesting
- Extract master.key
- Read credentials.xml
- Decrypt stored credentials
- Steal SSH keys

Stage 3: Privilege Escalation
- Login with admin credentials
- Access Groovy script console
- Execute reverse shell

Stage 4: Persistence & Lateral Movement
- Create backdoor admin accounts
- Install malicious Jenkins plugins
- Pivot to build servers
- Compromise production environments

Detection & Response

Network Indicators

POST requests to /cli endpoint
HTTP headers: "Session: ", "Side: download"
Request body containing @ symbol followed by Unix/Windows file paths
User-Agent: curl, python-requests, custom scripts

Jenkins Logs

INFO hudson.cli.CLIAction: Processing CLI command with args: [@/etc/passwd]
WARNING hudson.cli.CLICommand: Invalid argument: root:x:0:0:root:/root:/bin/bash
ERROR hudson.remoting.Channel: args4j parsing failed: Illegal file path

File System Indicators

Unexpected access to:
- /var/lib/jenkins/secrets/*
- /var/lib/jenkins/credentials.xml
- /var/lib/jenkins/.ssh/*
- Jenkins system logs showing failed authentication attempts with leaked credentials

Sigma Rule

title: CVE-2024-23897 Jenkins CLI File Read Attempt
detection:
  selection_endpoint:
    cs-uri-path: '/cli'
    cs-method: 'POST'
  selection_payload:
    cs-post-body|contains: '@/'
  condition: all of selection_*
level: critical

YARA Rule

rule CVE_2024_23897_Exploit_Request {
    strings:
        $cli_endpoint = "POST /cli" ascii
        $file_expansion = /@(\/|\\)[a-zA-Z0-9_\-\/\\.]+/ ascii
        $session_header = "Session:" ascii
    condition:
        all of them
}

Full detection package including Splunk/Elastic queries, IOCs available in Lyrie's CVE-2024-23897 exploit lab.

Remediation

Immediate Actions

1. Upgrade Jenkins to 2.442 (weekly) or 2.426.3 (LTS) or later[^3]

2. Disable CLI remoting: If not required, disable via Jenkins → Manage Jenkins → Configure Global Security → uncheck "Enable CLI over remoting"

3. Network restriction: Limit /cli endpoint to trusted internal IPs via firewall/WAF

4. Hunt for exploitation: Search logs for @/ patterns in CLI requests, unexpected file access

5. Credential rotation: If exploitation confirmed, rotate ALL Jenkins credentials, SSH keys, API tokens

Long-Term Hardening

• Minimize CLI exposure: Only enable CLI if actively required
• Role-based access control: Limit admin access to dedicated jump hosts
• Secrets management: Use external secret stores (HashiCorp Vault, AWS Secrets Manager) instead of Jenkins credentials.xml
• Network segmentation: Jenkins in isolated DMZ, not general application network
• Audit logging: Enable detailed audit logs for CLI access, credential usage, Groovy script execution
• Least privilege: Jenkins worker nodes should NOT have production access

Shodan/Censys Detection

http.title:"Dashboard [Jenkins]"
http.component:"jenkins"
port:8080,443

Lyrie Verdict

Threat Level: CRITICAL

CVE-2024-23897 is a textbook example of logical vulnerability — no buffer overflow, no SQL injection, just exploitation of an intended feature (args4j file expansion) in an unintended context:

✅ Unauthenticated file read — no credentials required

✅ High-value targets — credentials, SSH keys, cloud access

✅ Trivial exploitation — single curl command

✅ Supply chain impact — compromise of entire CI/CD pipeline

✅ Rapid weaponization — exploited within 24 hours of disclosure

The CI/CD Paradox:

Organizations secure production environments with defense-in-depth, yet treat CI/CD infrastructure as "internal tooling" with minimal security controls. This creates a paradox:

• Jenkins has MORE access than production (source code, deployment credentials, multi-cloud access)
• Jenkins receives LESS security scrutiny than production (no WAF, often exempt from pen tests, relaxed firewall rules)

This vulnerability demonstrates the strategic value of CI/CD compromise:

• 1 compromised Jenkins = N compromised repositories (lateral movement to all connected Git repos)
• 1 compromised Jenkins = M compromised deployments (inject malware into build artifacts deployed to production)
• 1 compromised Jenkins = supply chain attack (if builds are distributed externally)

Recommended Posture:

• Treat Jenkins with same security rigor as tier-0 production systems
• Assume any Jenkins < 2.442/2.426.3 exposed to network is compromised
• Implement zero-trust for CI/CD (assume breach, verify every action)
• Automated secret rotation (Jenkins credentials should rotate every 24-48 hours)
• Immutable build infrastructure (worker nodes rebuild on every job)

Organizations running Jenkins should conduct immediate threat hunts for CVE-2024-23897 IOCs and perform full credential rotation even if exploitation is not confirmed. The risk of undetected compromise is too high.

---

References

[^1]: Jenkins Security Advisory: SECURITY-3314 / CVE-2024-23897

[^2]: Rapid7 Analysis: Jenkins CVE-2024-23897 Exploitation in the Wild

[^3]: Jenkins Release Notes: Jenkins 2.442 Security Update

---

Related Research:

• Full Exploit Lab (Mock + PoC + Detection) — Lyrie Threat Intelligence
• CISA KEV Entry — CVE-2024-23897
• Public PoC — h4x0r-dz

Word Count: 1,164

Citations: 3

Last Updated: April 26, 2026