
H3-2020-0021

Unauthenticated Access to the Jenkins Script Console

Category SECURITY_MISCONFIGURATION
Base Score 9.1

Description

The Jenkins server is configured so that the Script Console (served at the /script path) can be reached without authentication. Jenkins is a widely used automation server that builds, tests and deploys software. The Script Console accepts arbitrary Groovy and runs it inside the Jenkins JVM with the full privileges of the Jenkins process: a script can call any Java API, read and write the Jenkins home directory and spawn operating-system processes. An attacker who reaches the console can therefore take over the host and use it as a foothold for further movement in the network. The usual root cause is an authorization strategy that lets anonymous users do anything (security disabled, or the anonymous user granted Overall/Administer), since the console normally requires that permission. To confirm the finding, request /script with no session cookie or credentials: a correctly secured instance answers 403 or redirects to /login, while an exposed one returns the console form.
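The anonymous check described above, as an added example that is not part of the advisory: it fetches /script without any credentials or cookies, refuses to follow redirects so a bounce to /login is seen as such, and classifies the answer. The /script path is the default Jenkins route; the page markers used to recognise the console form are an assumption about the rendered HTML, and the sample responses in the test are constructed. Run it only against hosts you are authorized to test.

```python
"""Check whether a Jenkins Script Console is reachable anonymously.

Added example (not code from the advisory or from Jenkins). Assumes the
console lives at the default /script route and that the rendered console
page contains the markers below (assumption about the HTML).
"""
import sys
import urllib.error
import urllib.request
from typing import Optional

SCRIPT_PATH = "/script"

# Strings expected in the rendered console page: the form field that carries
# the Groovy text and the page title (assumed; adjust if the instance differs).
CONSOLE_MARKERS = (b'name="script"', b"Script Console")

# Redirect targets that mean "log in first".
LOGIN_PATHS = ("/login", "/securityRealm/")


def classify(status: int, body: bytes, location: Optional[str] = None) -> str:
    """Classify the anonymous GET /script response.

    'exposed'   - 200 and the console form is present
    'protected' - 401/403, or a redirect to the login page
    'unknown'   - anything else (not Jenkins, reverse proxy page, ...)
    """
    if status == 200 and all(m in body for m in CONSOLE_MARKERS):
        return "exposed"
    if status in (401, 403):
        return "protected"
    if status in (301, 302, 303, 307, 308) and location:
        if any(p in location for p in LOGIN_PATHS):
            return "protected"
    return "unknown"


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Do not follow redirects; urllib then raises HTTPError for 3xx."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url: str, timeout: float = 10.0) -> str:
    """GET /script as an anonymous client and classify the result."""
    url = base_url.rstrip("/") + SCRIPT_PATH
    req = urllib.request.Request(
        url, headers={"User-Agent": "jenkins-script-console-check"}
    )
    opener = urllib.request.build_opener(_NoRedirect)
    try:
        with opener.open(req, timeout=timeout) as resp:
            return classify(resp.status, resp.read(), resp.headers.get("Location"))
    except urllib.error.HTTPError as err:
        # 3xx (because redirects are blocked) and 4xx/5xx land here.
        return classify(err.code, err.read() or b"", err.headers.get("Location"))


if __name__ == "__main__":
    # Usage: python check_script_console.py https://jenkins.example.test
    print(probe(sys.argv[1]))
```

A 200 whose body lacks the console form is reported as unknown rather than exposed, so a reverse proxy or maintenance page does not produce a false positive; confirm any exposed verdict manually before reporting it.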

Impact

Exploiting this misconfiguration gives an attacker complete control of the Jenkins server, including the ability to run shell commands as the account the Jenkins service runs under. From there the attacker can read credentials stored in Jenkins (the Jenkins process holds the key needed to decrypt them), source code, build artifacts and other confidential data, tamper with build jobs and pipelines, and reach the build agents and deployment targets that Jenkins is connected to.
