Back to KEVs

CVE-2021-43287

An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to...

Basic Information

CVE State: PUBLISHED
Reserved Date: November 02, 2021
Published Date: April 14, 2022
Last Updated: August 04, 2024
Vendor: ThoughtWorks
Product: GoCD
Description: An issue was discovered in ThoughtWorks GoCD before 21.3.0. The business continuity add-on, which is enabled by default, leaks all secrets known to the GoCD server to unauthenticated attackers.
Tags

CVSS Scores

CVSS v3.1

7.5 - HIGH

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CVSS v2.0

5.0

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Score

Score: 89.78% (Percentile: 99.53%) as of 2025-06-18

Exploit Status

Exploited in the Wild: Yes (2025-05-19 00:00:00 UTC) Source

References

https://www.gocd.org/releases/#21-3-0 https://github.com/gocd/gocd/commit/41abc210ac4e8cfa184483c9ff1c0cc04fb3511c https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover

Known Exploited Vulnerability Information

Source	Added Date
The Shadowserver (via CIRCL)	2025-05-20 12:00:52 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2021/CVE-2021-43287.yaml	2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

Wrin9/CVE-2021-43287

Type: github • Created: 2022-05-07 02:54:59 UTC • Stars: 2

CVE-2021-43287_GoCD_fileread_POC_EXP

Timeline

CVE ID Reserved

November 02, 2021
CVE Published to Public

April 14, 2022
Detected by Nuclei

April 26, 2025
Added to KEVIntel

May 20, 2025