By kannthu
The "GoCd Cruise Configuration disclosure" module is designed to detect misconfigurations in the GoCD Cruise Configuration. GoCD is an open-source continuous delivery server that helps automate and streamline the build, test, and release processes. This module focuses on identifying specific sensitive information exposed in the configuration, such as server agentAutoRegisterKey, webhookSecret, and tokenGenerationKey. The severity of this vulnerability is classified as high.
Author: dhiyaneshDk
If the GoCD Cruise Configuration is exposed and contains sensitive information, it can be exploited by attackers to gain unauthorized access, manipulate pipelines, or perform other malicious activities. This can lead to a compromise of the entire continuous delivery process and potentially expose sensitive data or disrupt the software development lifecycle.
The "GoCd Cruise Configuration disclosure" module works by sending an HTTP GET request to the "/go/add-on/business-continuity/api/cruise_config" endpoint. It then applies matching conditions to determine if the response indicates a misconfiguration. The matching conditions include checking for a successful HTTP status code (200) and the presence of specific keywords like "server agentAutoRegisterKey," "webhookSecret," and "tokenGenerationKey" in the response body.
Example HTTP request:
GET /go/add-on/business-continuity/api/cruise_config
The module matches the response against the defined conditions, and if all conditions are met, it reports the vulnerability.
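The matching logic described above can be reproduced offline when triaging a finding. The following is an added example, not the module's own code: the function names and sample responses are constructed for illustration, and it assumes all three keywords must be present alongside the 200 status. It also redacts the key values so the evidence can be stored in a ticket without leaking them.

```python
import re

# Endpoint and keywords are taken from the module description on this page.
ENDPOINT = "/go/add-on/business-continuity/api/cruise_config"
KEYWORDS = ("server agentAutoRegisterKey", "webhookSecret", "tokenGenerationKey")

# Attributes whose values must never be copied into a report or ticket.
_SECRET_ATTR = re.compile(
    r'\b(agentAutoRegisterKey|webhookSecret|tokenGenerationKey)="[^"]*"'
)


def evaluate(status, body):
    """Return (exposed, missing). exposed is True only when the status is 200
    and every keyword is in the body; missing lists the keywords not found."""
    missing = [k for k in KEYWORDS if k not in body]
    return status == 200 and not missing, missing


def redact(body):
    """Blank out the secret attribute values, keeping the attribute names."""
    return _SECRET_ATTR.sub(r'\1="[REDACTED]"', body)


# Constructed sample responses (hypothetical, not captured from a real server).
SAMPLE_EXPOSED = (
    '<?xml version="1.0" encoding="utf-8"?>\n'
    '<cruise schemaVersion="1">\n'
    '  <server agentAutoRegisterKey="constructed-key-1" '
    'webhookSecret="constructed-key-2" '
    'tokenGenerationKey="constructed-key-3" />\n'
    '</cruise>\n'
)
SAMPLE_LOGIN_PAGE = "<html><title>Login</title></html>"

if __name__ == "__main__":
    cases = [
        ("config exposed", 200, SAMPLE_EXPOSED),
        ("login page served with 200", 200, SAMPLE_LOGIN_PAGE),
        ("endpoint blocked", 403, SAMPLE_EXPOSED),
    ]
    for name, status, body in cases:
        exposed, missing = evaluate(status, body)
        print(f"{name}: exposed={exposed} missing={missing}")
    print(redact(SAMPLE_EXPOSED))
```

A 200 response that lacks the keywords, such as a login page, is not reported, which is why the module checks the body as well as the status code.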
Reference:
- https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50
- https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover
- https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140