(wiz.io) Jenkins in the Crosshairs: Analyzing the Threat Landscape of CI/CD Orchestration
-
Jenkins CI/CD environments are under active exploitation, with 59% of cloud deployments vulnerable to critical-severity flaws and 87% running end-of-life instances. Attackers leverage exposed script consoles, misconfigured pipelines, and compromised agents for RCE, credential theft, and lateral movement into cloud control planes.
In brief - Jenkins remains a prime target due to unpatched core vulnerabilities, deprecated plugins (31% of environments), and misconfigurations. Threat actors exploit these to gain RCE, steal credentials, and pivot into cloud environments, necessitating urgent patching, plugin lifecycle management, and hardening.
Technically - Jenkins' attack surface includes unpatched core CVEs, deprecated plugins (31% of environments), and critical-severity plugin vulnerabilities (21% of environments). Attackers exploit exposed script consoles (Groovy execution with the controller's privileges) for RCE, abuse CI/CD pipelines to extract build secrets, and compromise agents for lateral movement. Once code runs on a cloud-hosted controller or agent, the instance metadata service hands out the credentials of the attached IAM role, so cloud IAM exposure follows directly from a Jenkins compromise; this is why least-privilege roles and secure pipeline design matter as much as patching.
Source: https://www.wiz.io/blog/jenkins-threat-risk-insights
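As an added example (not part of the Wiz post, and not Jenkins' own code): an offline audit of a Jenkins controller config.xml for the misconfigurations that leave the script console reachable by untrusted users, which is the entry point the post singles out. The two config.xml documents are constructed, the MIN_CORE baseline is an assumed value that should be set from the current LTS line, and the element and class names are the ones Jenkins core writes (useSecurity, GlobalMatrixAuthorizationStrategy permission entries in both the legacy "PERM:sid" and current "USER:PERM:sid" form, HudsonPrivateSecurityRealm disableSignup, DefaultCrumbIssuer).

```python
"""Offline audit of a Jenkins controller config.xml for settings that expose the
script console (Groovy execution as the controller) to untrusted users.
Added example; the two sample configs below are constructed, not taken from a
real instance."""
import xml.etree.ElementTree as ET

# Assumption: lowest core version the auditor accepts. Set this from the
# currently supported LTS line; anything older is treated as end-of-life.
MIN_CORE = (2, 426, 3)

# Administer is what the script console requires today; RunScripts is the
# legacy permission that used to gate it on old cores.
ADMIN_PERMS = {"hudson.model.Hudson.Administer", "hudson.model.Hudson.RunScripts"}


def parse_version(text):
    """'2.346.1' -> (2, 346, 1); stops at the first non-numeric component."""
    parts = []
    for piece in text.strip().split("."):
        if not piece.isdigit():
            break
        parts.append(int(piece))
    return tuple(parts)


def audit_jenkins_config(xml_text, min_core=MIN_CORE):
    """Return a list of (severity, finding) tuples for one config.xml."""
    root = ET.fromstring(xml_text)
    findings = []

    version = root.findtext("version", default="")
    if version and parse_version(version) < min_core:
        baseline = ".".join(str(n) for n in min_core)
        findings.append(("high", f"core {version} is below baseline {baseline}: unpatched core CVEs"))

    if root.findtext("useSecurity", default="true").strip().lower() != "true":
        findings.append(("critical", "useSecurity=false: no authentication, /script is open to everyone"))

    authz = root.find("authorizationStrategy")
    cls = authz.get("class", "") if authz is not None else ""
    if authz is None or cls.endswith("AuthorizationStrategy$Unsecured"):
        findings.append(("critical", "Unsecured authorization strategy: every caller, anonymous included, is an administrator"))
    elif cls.endswith("FullControlOnceLoggedInAuthorizationStrategy"):
        if authz.findtext("denyAnonymousReadAccess", default="false").strip().lower() != "true":
            findings.append(("medium", "anonymous read access: jobs, builds and plugin inventory are disclosed"))
    elif "MatrixAuthorizationStrategy" in cls:
        for perm in authz.findall(".//permission"):
            # Entries are "PERM:sid" (legacy) or "USER:PERM:sid" / "GROUP:PERM:sid" (current).
            fields = (perm.text or "").strip().split(":")
            if len(fields) < 2:
                continue
            perm_name, sid = fields[-2], fields[-1]
            if sid in ("anonymous", "authenticated") and perm_name in ADMIN_PERMS:
                findings.append(("critical", f"{perm_name} granted to {sid}: script console reachable without an admin account"))

    realm = root.find("securityRealm")
    if realm is not None and realm.findtext("disableSignup", default="true").strip().lower() != "true":
        findings.append(("medium", "self-signup enabled: anyone can mint an account and become 'authenticated'"))

    if root.find("crumbIssuer") is None:
        findings.append(("medium", "CSRF protection disabled: an admin's browser can be made to POST to /script"))

    return findings


# Constructed sample: old core, anonymous administrator, open signup, no CSRF crumb.
WEAK_CONFIG = """<hudson>
  <version>2.346.1</version>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Read:anonymous</permission>
    <permission>hudson.model.Hudson.Administer:anonymous</permission>
    <permission>USER:hudson.model.Hudson.Administer:alice</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
    <disableSignup>false</disableSignup>
  </securityRealm>
</hudson>"""

# Constructed sample: the same instance after hardening.
HARDENED_CONFIG = """<hudson>
  <version>2.462.3</version>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.GlobalMatrixAuthorizationStrategy">
    <permission>USER:hudson.model.Hudson.Administer:alice</permission>
    <permission>GROUP:hudson.model.Hudson.Read:developers</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm">
    <disableSignup>true</disableSignup>
  </securityRealm>
  <crumbIssuer class="hudson.security.csrf.DefaultCrumbIssuer">
    <excludeClientIPFromCrumb>false</excludeClientIPFromCrumb>
  </crumbIssuer>
</hudson>"""

if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(f"[{name}]")
        for severity, finding in audit_jenkins_config(cfg) or [("info", "no findings")]:
            print(f"  {severity:8} {finding}")
```

Run it against $JENKINS_HOME/config.xml from a backup or a read-only mount rather than the live controller; the audit only parses XML and needs no Jenkins API access. The plugin-level findings the post quantifies (deprecated and vulnerable plugins) live in the plugin inventory, not in config.xml, and need a separate check against the update center.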
-
relay@relay.infosec.exchange shared this topic