CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-5415 – Concourse's GitLab auth allows impersonation
https://notcve.org/view.php?id=CVE-2020-5415
12 Aug 2020 — Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team. Concourse, versiones anteriores a 6.3.1 y 6.4.1, en instalaciones que utilizan el conector de autenticación de GitLab, ... • https://github.com/concourse/concourse/security/advisories/GHSA-627p-rr78-99rj • CWE-290: Authentication Bypass by Spoofing •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2020-5409 – Concourse Open Redirect in the /sky/login endpoint
https://notcve.org/view.php?id=CVE-2020-5409
13 May 2020 — Pivotal Concourse, most versions prior to 6.0.0, allows redirects to untrusted websites in its login flow. A remote unauthenticated attacker could convince a user to click on a link using the OAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. (This issue is similar to, but distinct from, CVE-2018-15798.) En Pivotal Concourse, la mayoría de las versiones anteriores a 6.0.0, permiten redireccionamientos hacia sitios web no confiables en su flujo de inicio d... • https://tanzu.vmware.com/security/cve-2020-5409 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3792 – Concourse 5.0.0 SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2019-3792
01 Apr 2019 — Pivotal Concourse version 5.0.0, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data. Pivotal Concourse versión 5.0.0, contiene una API que es vulnerable a la inyección SQL. Un recurso Concourse puede diseñar un identificador de versión que puede llevar una carga de inyección SQL al servidor Concourse, lo que permite al atacante leer datos privil... • https://pivotal.io/security/cve-2019-3792 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2019-3803 – Concourse includes token in CLI authentication callback
https://notcve.org/view.php?id=CVE-2019-3803
12 Jan 2019 — Pivotal Concourse, all versions prior to 4.2.2, puts the user access token in a url during the login flow. A remote attacker who gains access to a user's browser history could obtain the access token and use it to authenticate as the user. Pivotal Concourse, en todas las versiones anteriores a la 4.2.2, coloca el token de acceso del usuario en una URL durante el flujo de inicio de sesión. Un atacante remoto que consiga acceder al historial de navegación de un usuario podría obtener el token de acceso y empl... • https://pivotal.io/security/cve-2019-3803 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 1EXPL: 0CVE-2018-15798 – Pivotal Concourse allows malicious redirect urls on login
https://notcve.org/view.php?id=CVE-2018-15798
19 Dec 2018 — Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on a link using the oAuth redirect link with an untrusted website and gain access to that user's access token in Concourse. Pivotal Concourse Release, en versiones 4.x anteriores a la 4.2.2, el flujo de inicio de sesión permite las redirecciones a sitios web no fiables. Un atacante remoto no autenticado podría convencer a un usuario para ... • https://pivotal.io/security/cve-2018-15798 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1227
https://notcve.org/view.php?id=CVE-2018-1227
13 Mar 2018 — Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. The original domain for the Concourse CI (concourse-dot-ci) open source project has been registered by an unknown actor, and is therefore no longer the official website for Concourse CI. The new official domain is concourse-ci.org. At approximately 4 am EDT on March 7, 2018 the Concourse OSS team began receivin... • https://pivotal.io/security/cve-2018-1227 •