exploitDog

GHSA-4x25-wq2v-85f9

Опубликовано: 15 апр. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.

An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.

Ссылки

EPSS

Процентиль: 100%

0.91307

Критический

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200

Связанные уязвимости

CVE-2021-43287

CVSS3: 7.5

nvd

почти 4 года назад

An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.

EPSS

Процентиль: 100%

0.91307

Критический

7.5 High

CVSS3

CVE ID

Дефекты

CWE-200