2 matches found
CVE-2022-39310
CVE-2022-39310 affects GoCD prior to 21.1.0, where an authenticated agent could impersonate another agent due to broken access control and incorrect validation of agent tokens. This could cause disclosure of credentials contained in work packages assigned to other agents. Exploitation requires kn...
CVE-2022-39310 Malicious agent may be able to impersonate another agent in GoCD
GoCD is a continuous delivery server. GoCD helps you automate and streamline the build-test-release cycle for continuous delivery of your product. GoCD versions prior to 21.1.0 can allow one authenticated agent to impersonate another agent, and thus receive work packages for other agents due to...