CVE-2024-56320

{"id": "CVE-2024-56320", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.8, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.4, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-01-03T16:15:26.180", "references": [{"url": "https://github.com/gocd/gocd/commit/68b598b97bd283a5a85e20d018d69fe86acf4165", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/gocd/gocd/releases/tag/24.5.0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}, {"url": "https://github.com/gocd/gocd/security/advisories/GHSA-346h-q594-rj8j", "tags": ["Vendor Advisory"], "source": "security-advisories@github.com"}, {"url": "https://www.gocd.org/releases/#24-5-0", "tags": ["Release Notes"], "source": "security-advisories@github.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-285"}]}], "descriptions": [{"lang": "en", "value": "GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin \"Configuration XML\" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD user account could abuse this vulnerability to access information intended only for GoCD admins, or to escalate their privileges to that of a GoCD admin in a persistent manner. it is not possible for this vulnerability to be abused prior to authentication/login. The issue is fixed in GoCD 24.5.0. GoCD users who are not able to immediate upgrade can mitigate this issue by using a reverse proxy, WAF or similar to externally block access paths with a `/go/rails/` prefix. Blocking this route causes no loss of functionality. If it is not possible to upgrade or block the above route, consider reducing the GoCD user base to more trusted set of users, including temporarily disabling use of plugins such as the guest-login-plugin, which allow limited anonymous access as a regular user account."}, {"lang": "es", "value": "GoCD es un servidor de entrega continua. Las versiones de GoCD anteriores a la 24.5.0 son vulnerables a la escalada de privilegios de administrador debido a la autorizaci\u00f3n incorrecta del acceso a la funci\u00f3n de interfaz de usuario \"XML de configuraci\u00f3n\" del administrador y su API asociada. Un usuario interno malintencionado o un usuario autenticado existente de GoCD con una cuenta de usuario de GoCD existente podr\u00eda aprovechar esta vulnerabilidad para acceder a informaci\u00f3n destinada \u00fanicamente a los administradores de GoCD o para escalar sus privilegios a los de un administrador de GoCD de manera persistente. No es posible que se abuse de esta vulnerabilidad antes de la autenticaci\u00f3n o el inicio de sesi\u00f3n. El problema se solucion\u00f3 en GoCD 24.5.0. Los usuarios de GoCD que no pueden realizar una actualizaci\u00f3n inmediata pueden mitigar este problema utilizando un proxy inverso, WAF o similar para bloquear externamente las rutas de acceso con un prefijo `/go/rails/`. El bloqueo de esta ruta no provoca ninguna p\u00e9rdida de funcionalidad. Si no es posible actualizar o bloquear la ruta anterior, considere reducir la base de usuarios de GoCD a un conjunto de usuarios m\u00e1s confiable, incluida la desactivaci\u00f3n temporal del uso de complementos como el complemento de inicio de sesi\u00f3n de invitado, que permite un acceso an\u00f3nimo limitado como una cuenta de usuario normal."}], "lastModified": "2025-08-01T20:09:15.947", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:thoughtworks:gocd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "82991491-8373-474D-95B9-F1F305632610", "versionEndExcluding": "24.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}