Lucene search
K

4 matches found

NVD
NVD
added 2025/01/03 4:15 p.m.52 views

CVE-2024-56320

GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin "Configuration XML" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD...

9.4CVSS0.00727EPSS
Exploits0References4
Circl
Circl
added 2025/01/03 3:41 p.m.3 views

CVE-2024-56320

creationtimestamp| type| source ---|---|--- 2025-01-03 15:41:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113765180178483233 2025-01-03 17:51:29+00:00| seen| https://t.me/cvedetector/14223...

9.4CVSS4.8AI score0.00727EPSS
Exploits0References2
CVE
CVE
added 2025/01/03 3:37 p.m.110 views

CVE-2024-56320

GoCD before 24.5.0 is vulnerable to admin privilege escalation via improper authorization of the admin “Configuration XML” UI and related API. An authenticated GoCD user with an existing account can access information intended only for admins or elevate privileges to admin, with exploitation requ...

9.4CVSS6.5AI score0.00727EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/01/03 3:37 p.m.18 views

CVE-2024-56320 GoCD vulnerable to admin privilege escalation by a malicious internal/existing authenticated user

GoCD is a continuous deliver server. GoCD versions prior to 24.5.0 are vulnerable to admin privilege escalation due to improper authorization of access to the admin "Configuration XML" UI feature, and its associated API. A malicious insider/existing authenticated GoCD user with an existing GoCD...

9.4CVSS6.7AI score0.00727EPSS
Exploits0References6
Rows per page
Query Builder