1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Jenkins Java Deserialization CVE-2017-1000353

Web Attack: Jenkins Java Deserialization CVE-2017-1000353

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit a remote code execution vulnerability in Jenkins.

Additional Information

Jenkins is prone to remote code-execution vulnerability.

Successfully exploiting this issue allows attackers to execute arbitrary code in the context of the affected application. Failed exploits will result in denial-of-service conditions.

Affected

  • Jenkins-Ci Jenkins LTS 2.46.1
  • Jenkins-Ci Jenkins LTS 2.32.2
  • Jenkins-Ci Jenkins LTS 2.32.1
  • Jenkins-Ci Jenkins LTS 2.19.3
  • Jenkins-Ci Jenkins LTS 2.19.2
  • Jenkins-Ci Jenkins LTS 1.652.2
  • Jenkins-Ci Jenkins LTS 1.651.2
  • Jenkins-Ci Jenkins LTS 1.651.1
  • Jenkins-Ci Jenkins LTS 1.642.2
  • Jenkins-Ci Jenkins LTS 1.642.1
  • Jenkins-Ci Jenkins LTS 1.625.3
  • Jenkins-Ci Jenkins LTS 1.625.2
  • Jenkins-Ci Jenkins LTS 1.625.1
  • Jenkins-Ci Jenkins LTS 1.609.1
  • Jenkins-Ci Jenkins LTS 1.580.1
  • Jenkins-Ci Jenkins LTS 1.565.3
  • Jenkins-Ci Jenkins 1.480.3
  • Jenkins-Ci Jenkins 1.480.2
  • Jenkins-Ci Jenkins 1.480.1
  • Jenkins-Ci Jenkins 1.409.3
  • Jenkins-Ci Jenkins 1.7.24
  • Jenkins-Ci Jenkins 2.56
  • Jenkins-Ci Jenkins 2.44
  • Jenkins-Ci Jenkins 2.43
  • Jenkins-Ci Jenkins 2.32
  • Jenkins-Ci Jenkins 2.31
  • Jenkins-Ci Jenkins 2.3
  • Jenkins-Ci Jenkins 2.2
  • Jenkins-Ci Jenkins 2.1
  • Jenkins-Ci Jenkins 2.0
  • Jenkins-Ci Jenkins 1.7.24.1
  • Jenkins-Ci Jenkins 1.656
  • Jenkins-Ci Jenkins 1.655
  • Jenkins-Ci Jenkins 1.654
  • Jenkins-Ci Jenkins 1.653
  • Jenkins-Ci Jenkins 1.652
  • Jenkins-Ci Jenkins 1.651
  • Jenkins-Ci Jenkins 1.650
  • Jenkins-Ci Jenkins 1.649
  • Jenkins-Ci Jenkins 1.641
  • Jenkins-Ci Jenkins 1.640
  • Jenkins-Ci Jenkins 1.638
  • Jenkins-Ci Jenkins 1.637
  • Jenkins-Ci Jenkins 1.600
  • Jenkins-Ci Jenkins 1.587
  • Jenkins-Ci Jenkins 1.578
  • Jenkins-Ci Jenkins 1.565.3-3
  • Jenkins-Ci Jenkins 1.551
  • Jenkins-Ci Jenkins 1.550
  • Jenkins-Ci Jenkins 1.532.2
  • Jenkins-Ci Jenkins 1.532.1
  • Jenkins-Ci Jenkins 1.523
  • Jenkins-Ci Jenkins 1.514
  • Jenkins-Ci Jenkins 1.513
  • Jenkins-Ci Jenkins 1.509.1
  • Jenkins-Ci Jenkins 1.509
  • Jenkins-Ci Jenkins 1.502
  • Jenkins-Ci Jenkins 1.497
  • Jenkins-Ci Jenkins 1.491
  • Jenkins-Ci Jenkins 1.482
  • Jenkins-Ci Jenkins 1.454
  • Jenkins-Ci Jenkins 1.452
  • Jenkins-Ci Jenkins 1.451
  • Jenkins-Ci Jenkins 1.447
  • Jenkins-Ci Jenkins 1.446
  • Jenkins-Ci Jenkins 1.438
  • Jenkins-Ci Jenkins 1.424.5.1
  • Jenkins-Ci Jenkins 1.424.5
  • Jenkins-Ci Jenkins 1.424.3
  • Jenkins-Ci Jenkins 1.424.2
  • Jenkins-Ci Jenkins 1.424.1
  • Jenkins-Ci Jenkins 1.408
  • Jenkins-Ci Jenkins 1.400.0.13
  • Jenkins-Ci Jenkins 1.400.0.12

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube