CVE & CISA-KEV Catalog

CVE-2024-56321

Severity: LOW, 3.8 (CVSS v3, NVD)

Description

GoCD is a continuous delivery server. GoCD versions 18.9.0 through 24.4.0 (inclusive) can allow GoCD admins to abuse the backup configuration "post-backup script" feature to potentially execute arbitrary scripts on the hosting server or container as GoCD's user, rather than pre-configured scripts. In practice the impact of this vulnerability is limited, as in most configurations a user who can log into the GoCD UI as an admin also has host administration permissions for the host/container that GoCD runs on, in order to manage artifact storage and other service-level configuration options. Additionally, since a GoCD admin has the ability to configure and schedule pipeline tasks on all GoCD agents available to the server, the fundamental functionality of GoCD allows co-ordinated task execution similar to that of post-backup scripts. However, in restricted environments where host administration is separated from the role of a GoCD admin, this may be unexpected. The issue is fixed in GoCD 24.5.0. Post-backup scripts can no longer be executed from within certain sensitive locations on the GoCD server. No known workarounds are available.

How to fix

Remediation Available
gocd (NVD)
Affected: >= 18.9.0, < 24.5.0
Fixed in: 24.5.0
CVE-2024-56321, derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack Vector: Network
Attack Complexity: Low
Privileges Required: High
User Interaction: None
Scope: Unchanged

Impact

Confidentiality: Low
Integrity: Low
Availability: None

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Exploit Intelligence

0.54% probability of exploitation in 30 days
41st percentile

Moderate risk: more likely to be exploited than 41% of all known CVEs.

References

Vendor Advisory 1
Release Notes 2

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2025-08-01.