PT-2025-1147 · Gocd · Gocd

Baiyecha404 · Published 2025-01-03 · Updated 2025-08-01 · CVE-2024-56320

CVSS v4.0: 9.4 (Critical)
Vector: AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Name of the Vulnerable Software and Affected Versions: GoCD versions prior to 24.5.0

Description: The issue is improper authorization of access to the admin "Configuration XML" UI feature and its associated API in GoCD, which allows a malicious insider or any existing authenticated user to escalate their privileges to those of a GoCD admin. The vulnerability can be exploited remotely, but it requires existing authentication. The estimated number of potentially affected devices is not specified.

Recommendations: For GoCD versions prior to 24.5.0, upgrade to version 24.5.0, which fixes the issue. As a temporary workaround, use a reverse proxy, WAF, or similar to block external access to paths with a /go/rails/ prefix. If it is not possible to upgrade or to block that route, reduce the GoCD user base to a more trusted set of users, including temporarily disabling plugins such as the guest-login-plugin.
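As an added example (not part of this advisory and not GoCD project code), the following nginx reverse-proxy fragment implements the temporary workaround above: every request whose path begins with /go/rails/ is rejected at the proxy with 403 and logged, while all other paths are forwarded to GoCD. The upstream address (gocd-server:8153), the server name and the log file path are assumptions to be replaced with the values of the actual deployment.

```nginx
# Added example: temporary workaround from the advisory, implemented in nginx.
# Assumption: the GoCD server listens on gocd-server:8153 (placeholder).
upstream gocd {
    server gocd-server:8153;
}

server {
    listen 443 ssl;
    server_name gocd.example.com;   # assumed hostname

    # TLS certificate and key directives for the deployment go here.

    # Deny the route prefix named in the advisory before any proxying happens.
    # "^~" makes this prefix location win over any regex locations, and nginx
    # matches locations against the decoded, dot-segment-resolved URI, so
    # percent-encoded or "/./" variants of the prefix are caught as well.
    location ^~ /go/rails/ {
        # Separate log so blocked attempts are easy to review (path assumed).
        access_log /var/log/nginx/gocd-rails-blocked.log;
        return 403;
    }

    # Everything else is passed through to GoCD unchanged.
    location / {
        proxy_pass http://gocd;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

After reloading (`nginx -t` then `nginx -s reload`), confirm that a request to /go/rails/ through the proxy returns 403 while the regular /go/ UI still loads. The block only helps if users cannot reach the GoCD listener directly, so the server port must be firewalled to accept connections from the proxy alone; the workaround is a stopgap until the upgrade to 24.5.0 is applied.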

Exploit · Fix · LPE · Improper Authorization

Weakness Enumeration

Related Identifiers: BDU:2025-00427, CVE-2024-56320, GHSA-346H-Q594-RJ8J

Affected Products: Gocd