CVE-2020-5415

Опубликовано: 12 авг. 2020

Источник: nvd

CVSS3: 10

CVSS2: 6.4

EPSS Низкий

Описание

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team.

Ссылки

https://github.com/concourse/concourse/security/advisories/GHSA-627p-rr78-99rj
Patch
Third Party Advisory
https://tanzu.vmware.com/security/cve-2020-5415
Third Party Advisory
https://github.com/concourse/concourse/security/advisories/GHSA-627p-rr78-99rj
Patch
Third Party Advisory
https://tanzu.vmware.com/security/cve-2020-5415
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:pivotal_software:concourse:*:*:*:*:*:*:*:*

Версия до 6.3.1 (исключая)

cpe:2.3:a:pivotal_software:concourse:*:*:*:*:*:*:*:*

Версия от 6.4.0 (включая) до 6.4.1 (исключая)

EPSS

Процентиль: 49%

0.00257

Низкий

10 Critical

CVSS3

10 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-290

Связанные уязвимости

GHSA-627p-rr78-99rj

CVSS3: 7.5

github

около 4 лет назад

GitLab auth uses full name instead of username as user ID, allowing impersonation

EPSS

Процентиль: 49%

0.00257

Низкий

10 Critical

CVSS3

10 Critical

CVSS3

6.4 Medium

CVSS2

Дефекты

CWE-290