CVE-2022-39310 - OpenCVE

Vendors	Products
Thoughtworks	Gocd

Link	Resource
https://github.com/gocd/gocd/pull/8877	Patch Third Party Advisory
https://github.com/gocd/gocd/security/advisories/GHSA-4fp5-33jh-hgcq	Patch Release Notes Third Party Advisory
https://www.gocd.org/releases/#21-1-0	Release Notes Vendor Advisory

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2022-39310", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "dateUpdated": "2022-10-14T00:00:00", "dateReserved": "2022-09-02T00:00:00", "datePublished": "2022-10-14T00:00:00"}, "containers": {"cna": {"title": "Malicious agent may be able to impersonate another agent in GoCD", "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2022-10-14T00:00:00"}, "descriptions": [{"lang": "en", "value": "GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 can allow one authenticated agent to impersonate another agent, and thus receive work packages for other agents due to broken access control and incorrect validation of agent tokens within the GoCD server. Since work packages can contain sensitive information such as credentials intended only for a given job running against a specific agent environment, this can cause accidental information disclosure. Exploitation requires knowledge of agent identifiers and ability to authenticate as an existing agent with the GoCD server. This issue is fixed in GoCD version 21.1.0. There are currently no known workarounds."}], "affected": [{"vendor": "gocd", "product": "gocd", "versions": [{"version": "< 21.1.0", "status": "affected"}]}], "references": [{"url": "https://www.gocd.org/releases/#21-1-0"}, {"url": "https://github.com/gocd/gocd/security/advisories/GHSA-4fp5-33jh-hgcq"}, {"url": "https://github.com/gocd/gocd/pull/8877"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-284: Improper Access Control", "cweId": "CWE-284"}]}], "source": {"advisory": "GHSA-4fp5-33jh-hgcq", "discovery": "UNKNOWN"}}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:*", "matchCriteriaId": "AE600F59-5CB0-4E7F-B58F-16121BF8F61E", "versionEndExcluding": "21.1.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 can allow one authenticated agent to impersonate another agent, and thus receive work packages for other agents due to broken access control and incorrect validation of agent tokens within the GoCD server. Since work packages can contain sensitive information such as credentials intended only for a given job running against a specific agent environment, this can cause accidental information disclosure. Exploitation requires knowledge of agent identifiers and ability to authenticate as an existing agent with the GoCD server. This issue is fixed in GoCD version 21.1.0. There are currently no known workarounds."}, {"lang": "es", "value": "GoCD es un servidor de entrega continua. GoCD le ayuda a automatizar y agilizar el ciclo de construcci\u00f3n-prueba-lanzamiento para la entrega continua de su producto. Las versiones de GoCD anteriores a 21.1.0 pueden permitir a un agente autenticado hacerse pasar por otro agente y, por lo tanto, reciba paquetes de trabajo para otros agentes debido a un control de acceso roto y a una comprobaci\u00f3n incorrecta de los tokens de los agentes dentro del servidor de GoCD. Dado que los paquetes de trabajo pueden contener informaci\u00f3n confidencial, como credenciales destinadas \u00fanicamente a un trabajo determinado que es ejecutado en un entorno de agente espec\u00edfico, esto puede causar la divulgaci\u00f3n accidental de informaci\u00f3n. La explotaci\u00f3n requiere el conocimiento de los identificadores del agente y la capacidad de autenticarse como un agente existente con el servidor GoCD. Este problema ha sido corregido en GoCD versi\u00f3n 21.1.0. Actualmente no se presentan mitigaciones conocidas"}], "id": "CVE-2022-39310", "lastModified": "2022-10-19T17:11:32.677", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2022-10-14T20:15:16.053", "references": [{"source": "security-advisories@github.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/gocd/gocd/pull/8877"}, {"source": "security-advisories@github.com", "tags": ["Patch", "Release Notes", "Third Party Advisory"], "url": "https://github.com/gocd/gocd/security/advisories/GHSA-4fp5-33jh-hgcq"}, {"source": "security-advisories@github.com", "tags": ["Release Notes", "Vendor Advisory"], "url": "https://www.gocd.org/releases/#21-1-0"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-284"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

JSON object

JSON object

JSON object