CVE-2024-23897: Jenkins CLI Arbitrary File Read Leading to RCE
How a single args4j library feature turned every internet-facing Jenkins server into an unauthenticated file read endpoint, and in some configurations, a full remote code execution vector against your software supply chain

Retool's new app builder is where AI-generated code ships safely
Building apps with AI is easy. Getting them to production safely is another story.
CVE-2024-23897 is a critical arbitrary file read vulnerability in Jenkins, the open-source CI/CD server used by millions of development teams worldwide. Discovered by Sonarsource researchers and disclosed January 24, 2024, the flaw exploits a feature of the args4j argument parsing library that Jenkins uses for its built-in CLI. Any file on the Jenkins controller's filesystem can be read without authentication, including credential stores, private keys, and configuration files. In the worst-case configuration, reading cryptographic key material enabled complete remote code execution. A compromised Jenkins controller is a software supply chain attack waiting to happen.
Root Cause: args4j @ File Expansion
Jenkins includes a built-in CLI accessible over HTTP (or optionally SSH) that administrators and automation tools use to interact with the server programmatically. The CLI uses the args4j library for argument parsing. args4j includes a file expansion feature: when a command-line argument begins with @, the library reads the specified file and treats its contents as additional command-line arguments.
This feature exists in many CLI tools for passing long argument lists via file. In Jenkins, it was exposed without adequate access controls. An unauthenticated attacker could invoke any Jenkins CLI command with an @/path/to/any/file argument, Jenkins would read that file and return its first line in the resulting error message (since file contents are unlikely to be valid CLI arguments).
With certain permission levels, the full file content was readable. Critically, Jenkins' JENKINS_HOME directory contains credential stores, master key material, and configuration files that should never be externally readable.
Escalation Path: File Read to Remote Code Execution
The arbitrary file read alone is a critical finding, but the escalation path made CVE-2024-23897 exceptional:
Credential theft: Jenkins stores credentials in credentials.xml, encrypted with keys from secrets/master.key and secrets/hudson.util.Secret. Reading these three files and applying Jenkins' decryption logic (publicly documented) exposes every stored credential in plaintext, AWS keys, SSH private keys, API tokens, VCS passwords.
Cryptographic key compromise: The file secrets/slave-to-master-security-kill-switch and related paths contain private key material used in Jenkins' CLI authentication protocol. Obtaining these keys allowed forging authenticated CLI sessions.
Deserialization RCE: On older Jenkins instances with the remoting-based CLI enabled (deprecated but not always disabled), forged authenticated sessions could trigger Java object deserialization with attacker-controlled data, a well-known RCE primitive in Java applications.
Groovy Script Console: With stolen admin credentials, the Jenkins Script Console executes arbitrary Groovy code at OS level. This is the most straightforward post-credential-theft RCE path.
Briefings like this, every morning before 9am.
Threat intel, active CVEs, and campaign alerts, distilled for practitioners. 50,000+ subscribers. No noise.
Attack Chain: From Internet to Supply Chain Compromise
The full exploitation path targeting a CI/CD supply chain:
Identify Internet-Facing Jenkins
Attacker discovers Jenkins instance via Shodan, Censys, or targeted recon. Jenkins CLI is enabled by default on port 8080 and accessible without prior authentication.
Unauthenticated File Read
CLI command sent with @/var/jenkins_home/secrets/master.key argument; Jenkins returns first line of the master key file in an error response. Repeat for hudson.util.Secret and credentials.xml.
Credential Decryption
Using publicly documented Jenkins credential decryption logic (master.key + hudson.util.Secret), attacker decrypts all credentials stored in credentials.xml, cloud keys, VCS tokens, signing certificates.
Admin Access or Direct RCE
Stolen admin credentials used to authenticate to Jenkins and access Script Console. Groovy payload executes arbitrary OS commands as the Jenkins process user.
Supply Chain Compromise
Attacker modifies build pipeline definitions to inject malicious code into compiled artifacts, poisons container images pushed to registries, or plants backdoors in packages before production deployment.
Why Jenkins Is a Crown Jewel Target
CI/CD servers are uniquely privileged systems. A Jenkins controller routinely holds access to source code repositories, cloud provider credentials for deployment, container registry push credentials, code signing certificates for production binaries, and network access to staging and production environments through build agents.
Compromising a Jenkins controller is structurally similar to a SolarWinds-style supply chain attack, the attacker gains the ability to inject malicious code into software before it reaches end users, signed by the victim organization's own certificates, delivered through trusted update mechanisms. The February 2024 CISA KEV addition reflected the high observed exploitation rate against production Jenkins servers across multiple sectors.
Indicators of Compromise
Detection focuses on anomalous CLI usage patterns and filesystem access:
Subscribe to unlock Indicators of Compromise
Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.
Remediation
Steps in order of urgency:
Subscribe to unlock Remediation & Mitigation steps
Free subscribers unlock full IOC lists, Sigma detection rules, remediation steps, and every daily briefing.
The bottom line
CVE-2024-23897 is the nightmare scenario for software supply chain security, an unauthenticated file read in a system that holds the credentials and build pipeline control for an organization's entire software delivery process. The path from 'read any file' to 'modify production binaries' is four steps and requires no specialized tooling beyond a Jenkins CLI client. Any organization running Jenkins must treat the January 2024 patch as an emergency update and conduct a post-incident credential audit regardless of whether active exploitation was confirmed.
This analysis is generic — the platform version scores threats like this against your own stack.
Frequently asked questions
Does CVE-2024-23897 require authentication?
The first-line file read is accessible to unauthenticated users by default. Full file content (beyond the first line) may require Overall/Read permission, but many Jenkins instances grant anonymous users this level. The practical impact of the first-line read is still severe, it can expose partial credential content and cryptographic key material.
What is the difference between Jenkins LTS 2.440.x and 2.442?
CVE-2024-23897 is patched in Jenkins LTS 2.442 and Jenkins weekly 2.441. The LTS 2.440.x branch did not receive a backported fix, organizations on 2.440.x must upgrade to 2.442 or later, not just apply a minor update within the 2.440 line.
Is Jenkins Cloud (jenkins.io hosted) or GitHub Actions affected?
CVE-2024-23897 only affects self-hosted Jenkins instances. Managed CI/CD platforms like GitHub Actions, GitLab CI, CircleCI, and Jenkins on CloudBees SaaS are not affected by this vulnerability. The flaw is specific to the Jenkins CLI implementation in the open-source server.
How does Jenkins store credentials, and why is the master.key file so sensitive?
Jenkins stores credentials (API keys, SSH keys, passwords, certificates) in an encrypted XML file at JENKINS_HOME/credentials.xml. The encryption uses a two-key system: secrets/master.key (a 256-byte random key) and secrets/hudson.util.Secret (derived from master.key). Jenkins decrypts stored credentials at runtime using these two files together. Because the decryption logic is fully documented and publicly known, any attacker who reads all three files (credentials.xml, master.key, and hudson.util.Secret) via CVE-2024-23897 can decrypt every stored credential offline without needing any access to the Jenkins server itself.
Which credentials should be rotated if a Jenkins instance was exposed to CVE-2024-23897?
Treat every credential stored in Jenkins as compromised and rotate all of them: AWS/GCP/Azure IAM keys and service account credentials, SSH private keys used for deployment or Git access, code signing certificates and their private keys, VCS repository access tokens (GitHub, GitLab, Bitbucket), container registry push credentials, API tokens for deployment targets (Kubernetes service accounts, Helm repos), and any database passwords used in integration tests. Also rotate the Jenkins master.key and re-encrypt all credentials after rotation using Jenkins' built-in secret rotation mechanism. After patching, audit all build pipelines for unauthorized modifications during the exposure window.
Why is compromising a Jenkins server called a supply chain attack?
A Jenkins controller is the build orchestrator that compiles source code into production binaries. An attacker with control of Jenkins can modify Jenkinsfile pipeline definitions to inject malicious code into any compiled artifact before it is signed and shipped. The resulting binary is signed with the victim organization's own code signing certificate, delivered through legitimate software distribution channels, and indistinguishable from authentic software to end users and their security tools. This is structurally identical to the SolarWinds Orion attack, where attackers modified the build pipeline to embed malware in signed updates distributed to thousands of customers.
Sources & references
Free resources
Critical CVE Reference Card 2025–2026
25 actively exploited vulnerabilities with CVSS scores, exploit status, and patch availability. Print it, pin it, share it with your SOC team.
Ransomware Incident Response Playbook
Step-by-step 24-hour IR checklist covering detection, containment, eradication, and recovery. Built for SOC teams, IR leads, and CISOs.
Get threat intel before your inbox does.
50,000+ security professionals read Decryption Digest for early warnings on zero-days, ransomware, and nation-state campaigns. Free, daily, no spam.
Unsubscribe anytime. We never sell your data.

Founder & Cybersecurity Evangelist, Decryption Digest
Cybersecurity professional with expertise in threat intelligence, vulnerability research, and enterprise security. Covers zero-days, ransomware, and nation-state operations for 50,000+ security professionals every morning.
Win a $2,495 Black Hat pass.
Full-access to Black Hat USA 2026 in Las Vegas. Subscribe free to enter.
