Jenkins has long been the automation backbone of software delivery pipelines, which is exactly what made CVE-2017-1000353 so dangerous. This vulnerability is an unauthenticated remote code execution flaw in the Jenkins CLI that let an attacker with nothing more than network access to the CLI port take complete control of the underlying build server. Because Jenkins instances routinely hold source code, deployment credentials, cloud API keys, and signing secrets, a single unpatched instance could become the pivot point for a full software supply chain compromise. CVE-2017-1000353 was quickly weaponized in the wild, including by cryptomining botnets that scanned the internet for exposed Jenkins CLI endpoints, and it remains a textbook case study in why Java deserialization bugs on a CI server are so consequential.
What Is CVE-2017-1000353?
CVE-2017-1000353 stems from how the Jenkins command-line interface handled the objects it received over its remoting-based transport. Jenkins' CLI remoting protocol accepted a serialized Java object as part of establishing a CLI command's authentication context, and that object was deserialized before Jenkins performed any permission or authentication check. An attacker who could reach the CLI port did not need valid credentials at all — they only needed to craft a malicious serialized payload using a "gadget chain" built from classes already present on the Jenkins classpath (a technique made famous by the broader Apache Commons Collections deserialization research that swept through Java application security in 2015–2017).
Because Java's native serialization format allows an ObjectInputStream to instantiate and invoke methods on arbitrary classes during deserialization, a carefully constructed byte stream could trigger a chain of method calls that ultimately executed operating-system commands on the Jenkins master. In short: reach the port, send a crafted object, get a shell — no login required. This class of bug is often described simply as "Jenkins CLI deserialization," and CVE-2017-1000353 is the most widely referenced instance of it.
Affected Versions and Components
The advisory that accompanied CVE-2017-1000353 identified the vulnerable component as Jenkins core's CLI subsystem, specifically the remoting-based CLI protocol (as opposed to the newer HTTP-based CLI transport introduced in later releases). The affected releases were:
- Jenkins weekly (main line): versions up to and including 2.56
- Jenkins LTS: versions up to and including 2.46.1
The fix shipped in Jenkins weekly 2.57 and Jenkins LTS 2.46.2. Jenkins core maintainers addressed the flaw by removing the ability to pass a serialized authentication object ahead of permission checks and by hardening the deserialization path with object-type filtering, so that only expected classes could be instantiated from CLI-supplied data. In subsequent releases, the project went further and deprecated the legacy remoting-based CLI protocol entirely, steering users toward the safer SSH- and HTTP-based CLI mechanisms — a recognition that any protocol built on raw Java object deserialization from untrusted input carries structural risk, not just a single patchable bug.
It's worth noting that Jenkins CLI deserialization issues were not a one-off: earlier flaws such as CVE-2015-8103 and CVE-2016-0792 followed the same pattern (untrusted deserialization reachable via the CLI), and CVE-2017-1000353 is best understood as part of that broader lineage rather than an isolated incident.
CVSS, EPSS, and Exploitation Context
CVE-2017-1000353 is rated Critical, with NVD scoring it 9.8 on the CVSS v3 scale (network-exploitable, low attack complexity, no privileges or user interaction required, and complete impact on confidentiality, integrity, and availability). That score reflects the reality of the bug: an attacker needs only TCP reachability to a Jenkins CLI port, no valid account, and no user interaction to gain full code execution on the server.
The vulnerability's real-world impact matched its score. Within weeks of the April 2017 disclosure, public proof-of-concept exploit code circulated, and Jenkins CLI deserialization quickly became a staple technique in opportunistic internet-wide scanning. Security researchers subsequently documented cryptomining campaigns — most notably the "JenkinsMiner" operation uncovered in early 2018 — that abused this exact class of Jenkins CLI deserialization flaw to install Monero-mining malware across thousands of exposed, unpatched servers. Given how frequently Jenkins masters are left internet-facing for convenience (build webhooks, remote agents, distributed teams), exposure has never fully gone away, and vulnerability scanners and exploit-probability models continue to flag CVE-2017-1000353 as high-value for attackers whenever an unpatched, internet-reachable instance is found. Any organization running internet-exposed Jenkins infrastructure should treat this CVE with the same urgency as a freshly disclosed critical bug, not as historical trivia.
Timeline
- Discovery and reporting: The flaw was identified and reported to the Jenkins security team by security researcher Moritz Bechler, who had previously reported related Jenkins CLI deserialization issues.
- April 26, 2017: The Jenkins project published Security Advisory 2017-04-26, disclosing CVE-2017-1000353 alongside several related CVEs from the same advisory batch, and releasing fixed versions Jenkins 2.57 (weekly) and 2.46.2 (LTS).
- Weeks after disclosure: Public exploit code and Metasploit-style modules for the Jenkins CLI deserialization bug began circulating, lowering the bar for exploitation to essentially point-and-click.
- 2017–2018: Mass scanning and exploitation activity was observed against internet-facing Jenkins servers, including cryptomining botnet campaigns that specifically targeted unpatched CLI endpoints.
- Ongoing: Because Jenkins upgrades in enterprise environments can lag, instances running pre-2.57/2.46.2 code — or forks and appliances bundling old Jenkins versions — continue to surface in security assessments and internet-wide scans years later.
Remediation Steps
- Upgrade Jenkins immediately. Update to Jenkins weekly 2.57 or later, or LTS 2.46.2 or later (and, in practice, to the current supported LTS line, since numerous CLI and plugin vulnerabilities have been fixed since 2017). Do not treat this as optional maintenance — an unpatched CLI is a direct path to remote code execution.
- Disable the remoting-based CLI protocol if you don't need it. Jenkins allows administrators to turn off the legacy CLI-over-TCP transport in favor of CLI-over-HTTP/SSH, which removes the underlying deserialization attack surface entirely, even on patched versions.
- Restrict network access to the CLI port. Jenkins masters, and specifically their CLI/agent ports, should never be reachable from the open internet. Place Jenkins behind a VPN, bastion, or strict firewall/security-group rules limiting access to known build infrastructure and administrators.
- Enforce authentication and authorization on Jenkins itself. Ensure "Allow anonymous read access" and similarly permissive settings are disabled, and that role-based access control is configured so that even authenticated exploitation paths are minimized.
- Audit for compromise, not just presence of the patch. If a Jenkins instance was ever exposed while running an affected version, treat it as potentially compromised: rotate all credentials, secrets, and API tokens the Jenkins server had access to, review job configurations and recently added users for tampering, and inspect build artifacts for injected malicious code.
- Inventory your CI/CD footprint. Jenkins is frequently deployed by individual teams outside central IT visibility. A full asset inventory of every Jenkins master, agent, and Docker-based CI runner in the environment is essential to ensure no forgotten instance is still running vulnerable code.
- Monitor for anomalous CLI and deserialization activity. Logging and alerting on unexpected CLI connections, unusual outbound network activity from build agents, or unexpected process spawning from the Jenkins service account can catch exploitation attempts even on hosts that haven't yet been patched.
How Safeguard Helps
CVE-2017-1000353 is a reminder that CI/CD infrastructure is production infrastructure — and often the most privileged production infrastructure an organization runs, since it holds the keys to everything it builds and deploys. Safeguard is built to close exactly this kind of software supply chain blind spot.
Safeguard continuously discovers and inventories CI servers like Jenkins across an organization's environment, including instances teams may have spun up outside sanctioned pipelines, and maps them against known vulnerabilities such as CVE-2017-1000353 so that stale, unpatched, or misconfigured build infrastructure doesn't go unnoticed. Rather than relying on periodic scans, Safeguard tracks Jenkins versions, exposed CLI and agent ports, and plugin inventories continuously, flagging any instance that falls below a safe baseline the moment it drifts out of compliance.
Beyond detection, Safeguard correlates infrastructure exposure with software supply chain risk: if a vulnerable Jenkins server has produced artifacts, signed releases, or pushed to downstream repositories, Safeguard helps trace that blast radius so security teams can prioritize credential rotation and artifact re-verification where it actually matters, rather than treating every CVE with the same generic urgency. For a vulnerability class like Jenkins CLI Java deserialization — where a single missed patch can hand an attacker unauthenticated code execution on the system that builds your software — that kind of continuous, supply-chain-aware visibility is exactly what turns a historical CVE into a manageable, monitored risk instead of a recurring incident waiting to happen.