├── README.md
└── CVE-2024-43044.py

/README.md:
--------------------------------------------------------------------------------
# CVE-2024-43044

## Description
This script checks Jenkins instances for CVE-2024-43044 by retrieving the Jenkins core version from the instance and comparing it against known vulnerable version ranges.

- **CVE-2024-43044**: This vulnerability affects Jenkins core and remoting versions, allowing attackers to exploit certain versions of Jenkins. Details about this CVE can be found [here](https://feedly.com/cve/CVE-2024-43044).
- **GHSA-h856-ffvv-xvr4**: This advisory covers another set of vulnerabilities in Jenkins versions, providing specific version ranges that are susceptible to attacks. More information is available on the [GitHub advisory page](https://github.com/advisories/GHSA-h856-ffvv-xvr4).

## Script Functionality

The script performs the following steps:
1. **Retrieve Jenkins Version**: It sends an HTTP GET request to the Jenkins URL and reads the core version from the `X-Jenkins` response header. If the response carries no such header (Jenkins not running, or a proxy that strips it), the instance is reported as "Failed to retrieve Jenkins version".
2. **Check Version Ranges**: It compares the retrieved version against the vulnerable version ranges predefined in the script.
3. **Output Results**: It prints one line per instance: `[+]` when the reported version falls in a vulnerable range, `[-]` otherwise.

## Usage

### Command Line

To check one or more Jenkins instance URLs provided as command-line arguments:
```sh
python CVE-2024-43044.py https://jenkins.example.com [https://jenkins2.example.com ...]
```

To check Jenkins instance URLs listed in a file (one URL per line; blank lines are ignored):
```sh
python CVE-2024-43044.py -f urls.txt
```

Both forms may be combined; URLs from the file are appended to those given on the command line.

## References

- [CVE-2024-43044](https://feedly.com/cve/CVE-2024-43044)
- [GitHub Security Advisory GHSA-h856-ffvv-xvr4](https://github.com/advisories/GHSA-h856-ffvv-xvr4)

This is a version check only: a `[+]` result means the instance reports a version inside a listed range, not that exploitation has been confirmed, and an instance that hides or rewrites the `X-Jenkins` header is not assessed at all. Confirm findings against the advisory and upgrade affected instances to a fixed release.
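# -------------------------------------------------------------------------------- /CVE-2024-43044.py:
"""Version-based check for CVE-2024-43044 on Jenkins instances.

Each target is queried over HTTP and the core version reported in the
``X-Jenkins`` response header is compared against the vulnerable ranges
encoded below. This is a version heuristic only: a match means the instance
reports a version inside an affected range, not that exploitation has been
confirmed, and an instance whose response lacks the header is reported as
unreachable rather than assessed.
"""
from __future__ import annotations

import argparse

import requests
from packaging import version as packaging_version

# Jenkins core versions as reported in the X-Jenkins header. Each entry is a
# half-open interval [start, end); a falsy bound means "unbounded" on that side.
CORE_VULNERABLE_RANGES: list[tuple[str | None, str | None]] = [
    (None, "2.452.4"),
    ("2.460", "2.462.1"),
    ("2.470", "2.471"),
]
# NOTE(review): nothing above covers the weekly releases between 2.462.1 and
# 2.470 (e.g. 2.463-2.469); such versions are reported as "not in the list".
# Confirm against the advisory before relying on that result.

# Remoting (agent) versions. These use a different numbering scheme from core
# (a core "2.x" is always numerically below "3206.x"), so they must never be
# compared against the X-Jenkins value; they are applied only when a remoting
# version is passed to is_vulnerable() explicitly.
REMOTING_VULNERABLE_RANGES: list[tuple[str | None, str | None]] = [
    (None, "3206.3208"),
    ("3248", "3248.3250"),
    ("3256", "3256.3258"),
]

# Seconds to wait for connect/read. Without a timeout a single unresponsive
# host stalls the whole scan indefinitely.
REQUEST_TIMEOUT = 10


def get_jenkins_version(url: str, timeout: float = REQUEST_TIMEOUT) -> str | None:
    """Return the ``X-Jenkins`` header value served at *url*, or None.

    None is returned both when the request fails (the error is printed) and
    when the response carries no ``X-Jenkins`` header. Redirects are followed
    (requests' default), so the header comes from the final response.
    """
    try:
        response = requests.get(url, timeout=timeout)
    except requests.RequestException as exc:
        print(f"Error: {exc}")
        return None
    # requests' header mapping is case-insensitive, so "x-jenkins" from a
    # proxy that lower-cases header names is matched as well.
    return response.headers.get("X-Jenkins")


def is_version_in_range(version: str, ranges: list[tuple[str | None, str | None]]) -> bool:
    """Return True if *version* lies inside any interval in *ranges*.

    Each interval is ``(start, end)`` with ``start <= v < end``; a falsy
    bound (None or "") is unbounded on that side, so ``(None, None)`` matches
    every version. Raises ``packaging.version.InvalidVersion`` (a ValueError
    subclass) when *version* or a bound is not a parseable version string.
    """
    parsed = packaging_version.parse(version)
    for start, end in ranges:
        above_start = not start or packaging_version.parse(start) <= parsed
        below_end = not end or parsed < packaging_version.parse(end)
        if above_start and below_end:
            return True
    return False


def is_vulnerable(version: str, remoting_version: str | None = None) -> bool:
    """Return True if *version* (a core version) is in a vulnerable core range,
    or *remoting_version*, when given, is in a vulnerable remoting range.

    The remoting ranges are deliberately not applied to the core version:
    the two numbering schemes are incomparable and doing so would flag every
    core release (all "2.x" sort below "3206.3208").
    """
    if is_version_in_range(version, CORE_VULNERABLE_RANGES):
        return True
    if remoting_version is None:
        return False
    return is_version_in_range(remoting_version, REMOTING_VULNERABLE_RANGES)


def check_vulnerability(url: str) -> str:
    """Return a one-line report for *url*.

    ``[+]`` marks a version inside a known vulnerable core range, ``[-]`` a
    version outside it or an instance whose version could not be retrieved,
    and ``[?]`` a header value that packaging could not parse.
    """
    version = get_jenkins_version(url)
    if not version:
        return f"[-] {url} - Failed to retrieve Jenkins version or Jenkins is not running."
    try:
        vulnerable = is_vulnerable(version)
    except ValueError:
        # Non-PEP 440 header values (e.g. snapshot builds) must not abort the
        # scan of the remaining targets; report them as undetermined instead.
        return f"[?] {url} (Jenkins Version: {version}) - could not parse version string."
    if vulnerable:
        return f"[+] {url} (Jenkins Version: {version}) is potentially vulnerable."
    return f"[-] {url} (Jenkins Version: {version}) is not in the list of known vulnerable versions."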
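def main() -> None:
    """Parse the command line, collect target URLs and print one report per target.

    Targets come from positional arguments and/or the ``-f/--file`` list
    (one URL per line, blank lines ignored); both sources are combined, with
    file entries appended after the positional ones.
    """
    parser = argparse.ArgumentParser(description="Check Jenkins instances for known vulnerabilities.")
    parser.add_argument("urls", metavar="URL", type=str, nargs="*", help="Jenkins instance URL(s) to check")
    parser.add_argument("-f", "--file", type=str, help="File containing Jenkins instance URLs to check")
    args = parser.parse_args()

    urls = list(args.urls)

    if args.file:
        try:
            with open(args.file, "r", encoding="utf-8") as handle:
                urls.extend(line.strip() for line in handle if line.strip())
        except (OSError, UnicodeDecodeError) as exc:
            # An unreadable list is reported, but targets given on the
            # command line are still scanned.
            print(f"Error reading file: {exc}")

    if not urls:
        print("No URLs provided. Please provide URLs as arguments or in a file.")
        return

    for url in urls:
        print(check_vulnerability(url))


if __name__ == "__main__":
    main()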