#GoCD Authentication Vulnerability

Read Time28 Second

Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow

10/29/2021 10:05 AM EDT

 

Original release date: October 29, 2021
GoCD has released a security update to address a critical authentication vulnerability in GoCD versions 20.6.0 through 21.2.0. GoCD is an open-source Continuous Integration and Continuous Delivery system. A remote attacker could exploit this vulnerability to obtain sensitive information.

CISA encourages users and administrators to update to GoCD 21.3.0 or apply the necessary workarounds.

For more information, see Agent 007: Pre-Auth Takeover of Build Pipelines in GoCD.

About Post Author

Robert Williams

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: