
This vulnerability, BleepingComputer reports, already has multiple proof-of-concept (PoC) exploits in the wild.

It was added that this feature is turned on by default.


They could also delete files from Jenkins servers and download Java heap dumps.

As per a Shadowserver scan, there are roughly 45,000 unpatched Jenkins servers that could be potential targets.

Given the severity of the flaw, IT admins are advised to apply the patch as soon as possible.

Those that are unable to do so should reach out to the Jenkins project for recommendations and workarounds.
