A vulnerability (CVE-2020-2100) in 12,000+ internet-facing Jenkins servers can be abused to mount, amplify reflective DDoS attacks against internet hosts.
Source : 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks – Help Net Security