Vulnerability Description
An issue was discovered in Gradle Enterprise before 2020.2.5. The cookie used to convey the CSRF prevention token is not annotated with the “secure” attribute, which allows an attacker with the ability to MITM plain HTTP requests to obtain it, if the user mistakenly uses a HTTP instead of HTTPS address to access the server. This cookie value could then be used to perform CSRF.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Gradle | Enterprise | < 2020.2.5 |
Related Weaknesses (CWE)
References
- https://github.com/gradle/gradle/security/advisoriesThird Party Advisory
- https://security.gradle.com/advisory/CVE-2020-15767Vendor Advisory
- https://github.com/gradle/gradle/security/advisoriesThird Party Advisory
- https://security.gradle.com/advisory/CVE-2020-15767Vendor Advisory
FAQ
What is CVE-2020-15767?
CVE-2020-15767 is a vulnerability with a CVSS score of 5.3 (MEDIUM). An issue was discovered in Gradle Enterprise before 2020.2.5. The cookie used to convey the CSRF prevention token is not annotated with the “secure” attribute, which allows an attacker with the abilit...
How severe is CVE-2020-15767?
CVE-2020-15767 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-15767?
Check the references section above for vendor advisories and patch information. Affected products include: Gradle Enterprise.