Detections
Analytics
GoCD < 21.3.0 Path Traversal
critical Nessus Plugin ID 157066
Language:
Synopsis
The GoCD web application running on the remote host is affected by a directory traversal vulnerability.Description
The GoCD web application running on the remote host has the Business Continuity add-on enabled by default. It is, therefore, affected by a directory traversal vulnerability due to an improper access restriction. An unauthenticated, remote attacker can exploit this, by sending a URI that contains directory traversal characters, to disclose the contents of files located outside of the server's restricted path.Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Solution
Update to GoCD 21.3.0 or later.See Also
https://www.gocd.org/releases/#21-3-0
https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
Plugin Details
Severity: Critical
ID: 157066
File Name: gocd_21_3_0.nasl
Version: 1.2
Type: remote
Family: CGI abuses
Published: 1/25/2022
Updated: 1/25/2022
Supported Sensors: Nessus
Risk Information
CVSS Score Rationale: Score based on in depth analysis of the vendor advisory by tenable.
CVSS v2
Risk Factor: Critical
Base Score: 10
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Score Source: manual
CVSS v3
Risk Factor: Critical
Base Score: 10
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Vulnerability Information
CPE: cpe:/a:thoughtworks:gocd
Required KB Items: installed_sw/GoCD
Patch Publication Date: 10/27/2021
Vulnerability Publication Date: 10/27/2021