A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount and amplify reflective DDoS attacks against internet hosts, Radware researchers have discovered. The vulnerability can also be triggered by a single, spoofed UDP packet to launch DoS attacks against those same vulnerable Jenkins servers, by forcing them into an infinite loop of replies that can’t be stopped unless one of the servers is rebooted or has its Jenkins service restarted. About the …
The post 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks appeared first on Help Net Security.