PT-2020-14615 · Gradle · Gradle Enterprise, Gradle Enterprise Build Cache Node
Published: 2020-09-18 · Updated: 2022-09-30 · CVE-2020-15768
CVSS v3.1: 7.5 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
Gradle Enterprise versions 2017.3 through 2020.2.4
Gradle Enterprise Build Cache Node versions 1.0 through 9.2
Description
An issue in Gradle Enterprise allows remote attackers to obtain authentication cookies through unrestricted HTTP header reflection, potentially enabling them to impersonate another user if they can discover a separate XSS vulnerability. The affected application request paths in Gradle Enterprise include /info/headers, /cache-info/headers, /admin-info/headers, and /distribution-broker-info/headers. For Gradle Enterprise Build Cache Node, the affected path is /cache-node-info/headers.
Recommendations
For Gradle Enterprise versions 2017.3 through 2020.2.4, consider restricting access to the affected application request paths until a patch is available.
For Gradle Enterprise Build Cache Node versions 1.0 through 9.2, restrict access to the /cache-node-info/headers path to minimize the risk of exploitation.
As a temporary workaround, consider disabling the reflection of HTTP headers in the affected paths for both Gradle Enterprise and Gradle Enterprise Build Cache Node until a patch is available.
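An added example, not part of the original advisory or Gradle's own code: while access to the affected paths is being restricted, a log review like this shows which clients requested the header-reflection endpoints and which of those requests were served. It assumes the front-end proxy writes Common/Combined Log Format; the function names and sample log lines are constructed for illustration.

```python
import re
from collections import Counter
from urllib.parse import unquote

# Header-reflection paths named in the advisory.
AFFECTED_PATHS = {
    "/info/headers",
    "/cache-info/headers",
    "/admin-info/headers",
    "/distribution-broker-info/headers",
    "/cache-node-info/headers",
}

# Assumption: the front-end proxy logs in Common/Combined Log Format.
LOG_RE = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

def normalize_path(target):
    """Reduce a request target to a canonical path for comparison."""
    path = unquote(target.split("?", 1)[0])   # drop query, decode %2F etc.
    path = re.sub(r"/{2,}", "/", path)        # collapse duplicate slashes
    # Lower-casing is deliberately conservative: better to over-report.
    return path.rstrip("/").lower() or "/"

def find_reflection_hits(lines):
    """Return (client, timestamp, path, status) for requests to affected paths."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # not in the assumed log format
        path = normalize_path(m["target"])
        if path in AFFECTED_PATHS:
            hits.append((m["client"], m["ts"], path, int(m["status"])))
    return hits

def served_by_client(hits):
    """Count 2xx responses per client (requests the server actually answered)."""
    return Counter(client for client, _, _, status in hits if 200 <= status < 300)

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [18/Sep/2020:10:01:02 +0000] "GET /info/headers HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.7 - - [18/Sep/2020:10:01:05 +0000] "GET /cache-info/headers/?x=1 HTTP/1.1" 200 498 "-" "-"',
    '203.0.113.9 - - [18/Sep/2020:10:02:11 +0000] "GET //admin-info%2Fheaders HTTP/1.1" 403 0 "-" "-"',
    '192.0.2.44 - - [18/Sep/2020:10:03:00 +0000] "GET /cache/abc123 HTTP/1.1" 200 2048 "-" "-"',
]
```

Calling `served_by_client(find_reflection_hits(SAMPLE_LOG))` gives the per-client count of served requests; hits with a 403 status indicate the access restriction is already taking effect for that path.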
Fix
Related Identifiers
Affected Products
Gradle Enterprise
Gradle Enterprise Build Cache Node