Jenkins CLI Data Leak Vulnerability

Overview

The SonicWall Capture Labs threat research team became aware of the Jenkins CLI (command-line-interface) arbitrary file read vulnerability, assessed its impact and developed mitigation measures for the vulnerability.

Jenkins is a Java-based automation tool that facilitates continuous integration/continuous delivery and deployment (CI/CD). Recently, an arbitrary file read vulnerability has been identified in Jenkins, specifically affecting its command-line interface (CLI). The flaw arises from a feature of the Jenkins CLI command parser that replaces an ‘@’ character followed by a file path in an argument with the contents of that file, resulting in the disclosure of the first few lines of the file. Consequently, a remote attacker without any privileges could exploit this vulnerability by invoking a command that takes an arbitrary number of arguments and echoes them back to the user. If exploited successfully, this vulnerability allows an unauthenticated attacker with no permissions (i.e. against a default Jenkins install) to leak the first couple of lines of arbitrary text files on a vulnerable Jenkins server.

Product Versions Impacted

  • Jenkins versions 2.441 and below
  • LTS 2.426.3 and below

CVE Details

This security issue has been formally acknowledged and indexed in the Common Vulnerabilities and Exposures (CVE) system as CVE-2024-23897.

As per NIST NVD, CVE-2024-23897 is still undergoing analysis, so no CVSS score has been defined for this vulnerability as of yet. However, some inferences can be drawn from the proof of concept (PoC). It has a network-based attack vector, meaning the vulnerability can be exploited remotely, and its attack complexity is low, suggesting minimal effort is required for exploitation. It requires no special privileges, increasing its potential reach, and it does not require user interaction, enhancing its stealth and potential for unnoticed exploitation.

Technical Overview

A severe flaw, reported as an arbitrary file read vulnerability, has been identified in Jenkins instances. It is attributed to how the Jenkins CLI uses the args4j library to parse command arguments and options. args4j is a small Java class library that makes it easy to parse command line options/arguments in a CUI application. The CLI is enabled by default in all Jenkins deployments. Jenkins is widely deployed, with tens of thousands of public-facing installs, and the Jenkins advisory was clear that this vulnerability could lead to remote code execution. When a user supplies certain arguments to the CLI of a vulnerable Jenkins server, specifically arguments starting with ‘@’, the parser misinterprets them as file references, and in the resulting output some lines of the referenced file are echoed back as part of error messages. The file is read from the Jenkins controller file system using the default character encoding of the Jenkins controller process, and this data leak can be escalated from arbitrary file read to remote code execution. Notably, attackers without Overall/Read permission can read the first few lines of files, while those with full permissions can read entire files. The number of lines that can be read depends on the available CLI commands.
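To make the parser behaviour concrete, here is an added illustration (not Jenkins or args4j code, and no real Jenkins command is modelled): a toy argument parser that mimics the @-file expansion, a toy command that echoes unrecognised values in its error output the way the affected CLI commands do, and the same parser with the @-syntax switched off, which is the behaviour the fixed releases adopt. The file name, its contents and the three-argument limit are all constructed for the demonstration.

```python
import tempfile
from pathlib import Path

class CmdLineException(Exception):
    """Stands in for args4j's CmdLineException; its message is what the CLI echoes back."""

def expand_at_files(args, at_syntax=True):
    """Mimic args4j's @-file expansion: an argument '@<path>' is replaced by the
    lines of <path>, one argument per line. With at_syntax=False (the behaviour
    the fixed Jenkins releases switch to) '@<path>' stays a literal string."""
    expanded = []
    for arg in args:
        if at_syntax and arg.startswith("@"):
            path = Path(arg[1:])
            if not path.exists():
                raise CmdLineException(f"No such file: {path}")
            # Read on the controller side, in the controller's default encoding.
            expanded.extend(path.read_text().splitlines())
        else:
            expanded.append(arg)
    return expanded

def toy_command(args, max_args, at_syntax=True):
    """A stand-in for a CLI command that consumes up to max_args positional
    values and names each unrecognised value in its error output.
    Returns the lines the caller would see."""
    try:
        values = expand_at_files(args, at_syntax)
    except CmdLineException as err:
        return [str(err)]
    # Only as many values as the command consumes are echoed, which is why the
    # number of leaked lines depends on which commands are available to the caller.
    return [f"No such item '{v}'" for v in values[:max_args]]

def demo():
    """Constructed scenario: a five-line file on the controller, a three-argument command."""
    with tempfile.TemporaryDirectory() as tmp:
        target = Path(tmp) / "secret.txt"
        target.write_text("\n".join(f"constructed-line-{i}" for i in range(1, 6)))
        args = [f"@{target}"]
        vulnerable = toy_command(args, max_args=3, at_syntax=True)
        patched = toy_command(args, max_args=3, at_syntax=False)
    return vulnerable, patched

if __name__ == "__main__":
    vulnerable, patched = demo()
    print("at-syntax enabled:", *vulnerable, sep="\n  ")
    print("at-syntax disabled:", *patched, sep="\n  ")
```

With the @-syntax enabled the error output carries the first three lines of the file; with it disabled the same argument is reported back verbatim as the literal string it is.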

This data leak vulnerability could also be used to read binary files with cryptographic keys. There are various Jenkins features such as the “Remember me” cookie, build logs and resource root URLs that may lead to remote code execution by exploiting this vulnerability.

Some Jenkins features make this vulnerability easier to exploit. As shown in the figure below, the “Allow users to sign up” option allows anyone with access to the Jenkins server to self-register an account, and the “Allow anonymous read access” option gives any anonymous user the Overall/Read permission.

Figure 1: Jenkins Controller File System Security Permissions

Exploitation with CVE-2024-23897

args4j is a Java class library that makes it easy to parse command line options/arguments in CLI applications using annotations, and it generates usage text easily. The Jenkins command line interface can be accessed over SSH or with the Jenkins CLI client, a .jar file distributed with Jenkins. In the patched Jenkins versions, the SSH service is disabled by default, and using it requires authentication with read permission granted by the administrator.

The crucial first step in assessing exposure to this vulnerability is to know the version of the live Jenkins instance. A simple curl request to a Jenkins deployment readily discloses its version in a response header named “X-Jenkins”. This makes it easy to determine whether a Jenkins server is susceptible to this specific vulnerability.
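A version inventory check built on that X-Jenkins header, as an added example (not SonicWall's or Jenkins' code): it treats 2.442 and LTS 2.426.3, the releases the Jenkins advisory names as containing the fix, as the first patched versions, reads two-component values as weekly releases and three-component values as LTS, and assumes the /login path of each instance is reachable from where it runs.

```python
import re
import urllib.error
import urllib.request

# First releases containing the fix, per the Jenkins advisory (weekly line / LTS line).
FIXED_WEEKLY = (2, 442)
FIXED_LTS = (2, 426, 3)

def parse_jenkins_version(value):
    """Turn an X-Jenkins header value such as '2.441' or '2.426.2' into a tuple of ints."""
    m = re.match(r"^(\d+)\.(\d+)(?:\.(\d+))?$", value.strip())
    if not m:
        raise ValueError(f"unrecognised X-Jenkins value: {value!r}")
    return tuple(int(g) for g in m.groups() if g is not None)

def is_unpatched(value):
    """True when the advertised version predates the fix for its release line.
    Weekly releases carry two components (2.441); LTS releases carry three (2.426.2)."""
    v = parse_jenkins_version(value)
    return v < FIXED_LTS if len(v) == 3 else v < FIXED_WEEKLY

def check_server(base_url, timeout=5):
    """Ask one Jenkins instance for its version via the X-Jenkins response header.
    /login is an assumed path; nothing beyond the response headers is read."""
    req = urllib.request.Request(base_url.rstrip("/") + "/login", method="HEAD")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            headers = resp.headers
    except urllib.error.HTTPError as err:  # a 403/404 response may still carry the header
        headers = err.headers
    version = headers.get("X-Jenkins")
    if version is None:
        return None, "no X-Jenkins header (not Jenkins, or header stripped by a proxy)"
    state = "UNPATCHED for CVE-2024-23897" if is_unpatched(version) else "patched"
    return version, state

if __name__ == "__main__":
    import sys
    # Usage: python check.py https://jenkins.internal.example ...  (hosts you administer)
    for url in sys.argv[1:]:
        print(url, *check_server(url))
```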

Figure 2: A simple curl request to Jenkins Server

In the vulnerable Jenkins versions, an unauthenticated user who does not have Overall/Read permission at all is still allowed to read a few lines (three lines) of a file. Even with this limitation, an attacker can achieve remote code execution and decrypt secret keys. Using a specific command with “jenkins-cli.jar”, an unauthenticated attacker can disclose sensitive information. Here are a few examples:

Figure 3: Examples

Figure 4: Exploiting CVE-2024-23897

PoCs have been made public and could be readily used by attackers against vulnerable Jenkins servers. Multiple reports suggest that this vulnerability is being exploited in the wild.

SonicWall Protections

To ensure SonicWall customers are prepared for any exploitation that may occur due to this vulnerability, the following signatures have been released:

  • IPS:4251 Jenkins CLI Arbitrary File Read

Remediation Recommendations

The risks posed by this vulnerability can be mitigated or eliminated by:

  • Applying the vendor-supplied patch to eliminate this vulnerability
  • Utilizing up-to-date IPS signatures to filter network traffic
  • Configuring the vulnerable product to allow access to trusted clients only

According to the Jenkins advisory, Jenkins 2.442, LTS 2.426.3 disables the command parser feature that replaces an ‘@’ character followed by a file path in an argument with the file’s contents for CLI commands. In another workaround, Jenkins suggests restricting access to CLI until the patch is applied to live instances.

Relevant Links

Vendor Advisory

NIST NVD CVE

SECURITY-3314-3315

Packetstorm Security

Github

Medium

The SonicWall Capture Labs Threat Research Team gathers, analyzes and vets cross-vector threat information from the SonicWall Capture Threat network, consisting of global devices and resources, including more than 1 million security sensors in nearly 200 countries and territories. The research team identifies, analyzes, and mitigates critical vulnerabilities and malware daily through in-depth research, which drives protection for all SonicWall customers. In addition to safeguarding networks globally, the research team supports the larger threat intelligence community by releasing weekly deep technical analyses of the most critical threats to small businesses, providing critical knowledge that defenders need to protect their networks.