CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5415

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 49.1%

CVSS Severity

CVSS v3 Score 10.0

CVSS v2 Score 6.4

References

Products affected by CVE-2020-5415

Pivotal Software » Concourse » Version: 0.1.0

cpe:2.3:a:pivotal_software:concourse:0.1.0
Pivotal Software » Concourse » Version: 0.10.0

cpe:2.3:a:pivotal_software:concourse:0.10.0
Pivotal Software » Concourse » Version: 0.11.0

cpe:2.3:a:pivotal_software:concourse:0.11.0
Pivotal Software » Concourse » Version: 0.12.0

cpe:2.3:a:pivotal_software:concourse:0.12.0
Pivotal Software » Concourse » Version: 0.13.0

cpe:2.3:a:pivotal_software:concourse:0.13.0
Pivotal Software » Concourse » Version: 0.14.0

cpe:2.3:a:pivotal_software:concourse:0.14.0
Pivotal Software » Concourse » Version: 0.15.0

cpe:2.3:a:pivotal_software:concourse:0.15.0
Pivotal Software » Concourse » Version: 0.16.0

cpe:2.3:a:pivotal_software:concourse:0.16.0
Pivotal Software » Concourse » Version: 0.17.0

cpe:2.3:a:pivotal_software:concourse:0.17.0
Pivotal Software » Concourse » Version: 0.18.0

cpe:2.3:a:pivotal_software:concourse:0.18.0
Pivotal Software » Concourse » Version: 0.19.0

cpe:2.3:a:pivotal_software:concourse:0.19.0
Pivotal Software » Concourse » Version: 0.2.0

cpe:2.3:a:pivotal_software:concourse:0.2.0
Pivotal Software » Concourse » Version: 0.20.0

cpe:2.3:a:pivotal_software:concourse:0.20.0
Pivotal Software » Concourse » Version: 0.21.0

cpe:2.3:a:pivotal_software:concourse:0.21.0
Pivotal Software » Concourse » Version: 0.22.0

cpe:2.3:a:pivotal_software:concourse:0.22.0
Pivotal Software » Concourse » Version: 0.23.0

cpe:2.3:a:pivotal_software:concourse:0.23.0
Pivotal Software » Concourse » Version: 0.24.0

cpe:2.3:a:pivotal_software:concourse:0.24.0
Pivotal Software » Concourse » Version: 0.25.0

cpe:2.3:a:pivotal_software:concourse:0.25.0
Pivotal Software » Concourse » Version: 0.26.0

cpe:2.3:a:pivotal_software:concourse:0.26.0
Pivotal Software » Concourse » Version: 0.27.0

cpe:2.3:a:pivotal_software:concourse:0.27.0
Pivotal Software » Concourse » Version: 0.28.0

cpe:2.3:a:pivotal_software:concourse:0.28.0
Pivotal Software » Concourse » Version: 0.29.0

cpe:2.3:a:pivotal_software:concourse:0.29.0
Pivotal Software » Concourse » Version: 0.3.0

cpe:2.3:a:pivotal_software:concourse:0.3.0
Pivotal Software » Concourse » Version: 0.30.0

cpe:2.3:a:pivotal_software:concourse:0.30.0
Pivotal Software » Concourse » Version: 0.31.0

cpe:2.3:a:pivotal_software:concourse:0.31.0
Pivotal Software » Concourse » Version: 0.32.0

cpe:2.3:a:pivotal_software:concourse:0.32.0
Pivotal Software » Concourse » Version: 0.33.0

cpe:2.3:a:pivotal_software:concourse:0.33.0
Pivotal Software » Concourse » Version: 0.34.0

cpe:2.3:a:pivotal_software:concourse:0.34.0
Pivotal Software » Concourse » Version: 0.35.0

cpe:2.3:a:pivotal_software:concourse:0.35.0
Pivotal Software » Concourse » Version: 0.36.0

cpe:2.3:a:pivotal_software:concourse:0.36.0
Pivotal Software » Concourse » Version: 0.37.0

cpe:2.3:a:pivotal_software:concourse:0.37.0
Pivotal Software » Concourse » Version: 0.38.0

cpe:2.3:a:pivotal_software:concourse:0.38.0
Pivotal Software » Concourse » Version: 0.39.0

cpe:2.3:a:pivotal_software:concourse:0.39.0
Pivotal Software » Concourse » Version: 0.4.0

cpe:2.3:a:pivotal_software:concourse:0.4.0
Pivotal Software » Concourse » Version: 0.40.0

cpe:2.3:a:pivotal_software:concourse:0.40.0
Pivotal Software » Concourse » Version: 0.41.0

cpe:2.3:a:pivotal_software:concourse:0.41.0
Pivotal Software » Concourse » Version: 0.42.0

cpe:2.3:a:pivotal_software:concourse:0.42.0
Pivotal Software » Concourse » Version: 0.43.0

cpe:2.3:a:pivotal_software:concourse:0.43.0
Pivotal Software » Concourse » Version: 0.44.0

cpe:2.3:a:pivotal_software:concourse:0.44.0
Pivotal Software » Concourse » Version: 0.45.0

cpe:2.3:a:pivotal_software:concourse:0.45.0
Pivotal Software » Concourse » Version: 0.46.0

cpe:2.3:a:pivotal_software:concourse:0.46.0
Pivotal Software » Concourse » Version: 0.47.0

cpe:2.3:a:pivotal_software:concourse:0.47.0
Pivotal Software » Concourse » Version: 0.48.0

cpe:2.3:a:pivotal_software:concourse:0.48.0
Pivotal Software » Concourse » Version: 0.49.0

cpe:2.3:a:pivotal_software:concourse:0.49.0
Pivotal Software » Concourse » Version: 0.5.0

cpe:2.3:a:pivotal_software:concourse:0.5.0
Pivotal Software » Concourse » Version: 0.50.0

cpe:2.3:a:pivotal_software:concourse:0.50.0
Pivotal Software » Concourse » Version: 0.51.0

cpe:2.3:a:pivotal_software:concourse:0.51.0
Pivotal Software » Concourse » Version: 0.52.0

cpe:2.3:a:pivotal_software:concourse:0.52.0
Pivotal Software » Concourse » Version: 0.53.0

cpe:2.3:a:pivotal_software:concourse:0.53.0
Pivotal Software » Concourse » Version: 0.54.0

cpe:2.3:a:pivotal_software:concourse:0.54.0
Pivotal Software » Concourse » Version: 0.55.0

cpe:2.3:a:pivotal_software:concourse:0.55.0
Pivotal Software » Concourse » Version: 0.56.0

cpe:2.3:a:pivotal_software:concourse:0.56.0
Pivotal Software » Concourse » Version: 0.57.0

cpe:2.3:a:pivotal_software:concourse:0.57.0
Pivotal Software » Concourse » Version: 0.58.0

cpe:2.3:a:pivotal_software:concourse:0.58.0
Pivotal Software » Concourse » Version: 0.59.0

cpe:2.3:a:pivotal_software:concourse:0.59.0
Pivotal Software » Concourse » Version: 0.59.1

cpe:2.3:a:pivotal_software:concourse:0.59.1
Pivotal Software » Concourse » Version: 0.6.0

cpe:2.3:a:pivotal_software:concourse:0.6.0
Pivotal Software » Concourse » Version: 0.60.0

cpe:2.3:a:pivotal_software:concourse:0.60.0
Pivotal Software » Concourse » Version: 0.60.1

cpe:2.3:a:pivotal_software:concourse:0.60.1
Pivotal Software » Concourse » Version: 0.61.0

cpe:2.3:a:pivotal_software:concourse:0.61.0
Pivotal Software » Concourse » Version: 0.62.0

cpe:2.3:a:pivotal_software:concourse:0.62.0
Pivotal Software » Concourse » Version: 0.62.1

cpe:2.3:a:pivotal_software:concourse:0.62.1
Pivotal Software » Concourse » Version: 0.63.0

cpe:2.3:a:pivotal_software:concourse:0.63.0
Pivotal Software » Concourse » Version: 0.64.0

cpe:2.3:a:pivotal_software:concourse:0.64.0
Pivotal Software » Concourse » Version: 0.64.1

cpe:2.3:a:pivotal_software:concourse:0.64.1
Pivotal Software » Concourse » Version: 0.65.0

cpe:2.3:a:pivotal_software:concourse:0.65.0
Pivotal Software » Concourse » Version: 0.65.1

cpe:2.3:a:pivotal_software:concourse:0.65.1
Pivotal Software » Concourse » Version: 0.66.0

cpe:2.3:a:pivotal_software:concourse:0.66.0
Pivotal Software » Concourse » Version: 0.66.1

cpe:2.3:a:pivotal_software:concourse:0.66.1
Pivotal Software » Concourse » Version: 0.67.0

cpe:2.3:a:pivotal_software:concourse:0.67.0
Pivotal Software » Concourse » Version: 0.67.1

cpe:2.3:a:pivotal_software:concourse:0.67.1
Pivotal Software » Concourse » Version: 0.68.0

cpe:2.3:a:pivotal_software:concourse:0.68.0
Pivotal Software » Concourse » Version: 0.69.0

cpe:2.3:a:pivotal_software:concourse:0.69.0
Pivotal Software » Concourse » Version: 0.69.1

cpe:2.3:a:pivotal_software:concourse:0.69.1
Pivotal Software » Concourse » Version: 0.7.0

cpe:2.3:a:pivotal_software:concourse:0.7.0
Pivotal Software » Concourse » Version: 0.70.0

cpe:2.3:a:pivotal_software:concourse:0.70.0
Pivotal Software » Concourse » Version: 0.71.0

cpe:2.3:a:pivotal_software:concourse:0.71.0
Pivotal Software » Concourse » Version: 0.71.1

cpe:2.3:a:pivotal_software:concourse:0.71.1
Pivotal Software » Concourse » Version: 0.72.0

cpe:2.3:a:pivotal_software:concourse:0.72.0
Pivotal Software » Concourse » Version: 0.72.1

cpe:2.3:a:pivotal_software:concourse:0.72.1
Pivotal Software » Concourse » Version: 0.73.0

cpe:2.3:a:pivotal_software:concourse:0.73.0
Pivotal Software » Concourse » Version: 0.74.0

cpe:2.3:a:pivotal_software:concourse:0.74.0
Pivotal Software » Concourse » Version: 0.75.0

cpe:2.3:a:pivotal_software:concourse:0.75.0
Pivotal Software » Concourse » Version: 0.76.0

cpe:2.3:a:pivotal_software:concourse:0.76.0
Pivotal Software » Concourse » Version: 0.8.0

cpe:2.3:a:pivotal_software:concourse:0.8.0
Pivotal Software » Concourse » Version: 0.9.0

cpe:2.3:a:pivotal_software:concourse:0.9.0
Pivotal Software » Concourse » Version: 1.0.0

cpe:2.3:a:pivotal_software:concourse:1.0.0
Pivotal Software » Concourse » Version: 1.0.1

cpe:2.3:a:pivotal_software:concourse:1.0.1
Pivotal Software » Concourse » Version: 1.1.0

cpe:2.3:a:pivotal_software:concourse:1.1.0
Pivotal Software » Concourse » Version: 1.2.0

cpe:2.3:a:pivotal_software:concourse:1.2.0
Pivotal Software » Concourse » Version: 1.3.0

cpe:2.3:a:pivotal_software:concourse:1.3.0
Pivotal Software » Concourse » Version: 1.3.1

cpe:2.3:a:pivotal_software:concourse:1.3.1
Pivotal Software » Concourse » Version: 1.4.0

cpe:2.3:a:pivotal_software:concourse:1.4.0
Pivotal Software » Concourse » Version: 1.4.1

cpe:2.3:a:pivotal_software:concourse:1.4.1
Pivotal Software » Concourse » Version: 1.5.0

cpe:2.3:a:pivotal_software:concourse:1.5.0
Pivotal Software » Concourse » Version: 1.5.1

cpe:2.3:a:pivotal_software:concourse:1.5.1
Pivotal Software » Concourse » Version: 1.6.0

cpe:2.3:a:pivotal_software:concourse:1.6.0
Pivotal Software » Concourse » Version: 2.0.0

cpe:2.3:a:pivotal_software:concourse:2.0.0
Pivotal Software » Concourse » Version: 2.0.1

cpe:2.3:a:pivotal_software:concourse:2.0.1
Pivotal Software » Concourse » Version: 2.0.2

cpe:2.3:a:pivotal_software:concourse:2.0.2
Pivotal Software » Concourse » Version: 2.1.0

cpe:2.3:a:pivotal_software:concourse:2.1.0
Pivotal Software » Concourse » Version: 2.2.0

cpe:2.3:a:pivotal_software:concourse:2.2.0
Pivotal Software » Concourse » Version: 2.2.1

cpe:2.3:a:pivotal_software:concourse:2.2.1
Pivotal Software » Concourse » Version: 2.3.0

cpe:2.3:a:pivotal_software:concourse:2.3.0
Pivotal Software » Concourse » Version: 2.3.1

cpe:2.3:a:pivotal_software:concourse:2.3.1
Pivotal Software » Concourse » Version: 2.4.0

cpe:2.3:a:pivotal_software:concourse:2.4.0
Pivotal Software » Concourse » Version: 2.5.0

cpe:2.3:a:pivotal_software:concourse:2.5.0
Pivotal Software » Concourse » Version: 2.5.1

cpe:2.3:a:pivotal_software:concourse:2.5.1
Pivotal Software » Concourse » Version: 2.6.0

cpe:2.3:a:pivotal_software:concourse:2.6.0
Pivotal Software » Concourse » Version: 2.7.0

cpe:2.3:a:pivotal_software:concourse:2.7.0
Pivotal Software » Concourse » Version: 2.7.1

cpe:2.3:a:pivotal_software:concourse:2.7.1
Pivotal Software » Concourse » Version: 2.7.2

cpe:2.3:a:pivotal_software:concourse:2.7.2
Pivotal Software » Concourse » Version: 2.7.3

cpe:2.3:a:pivotal_software:concourse:2.7.3
Pivotal Software » Concourse » Version: 2.7.4

cpe:2.3:a:pivotal_software:concourse:2.7.4
Pivotal Software » Concourse » Version: 2.7.5

cpe:2.3:a:pivotal_software:concourse:2.7.5
Pivotal Software » Concourse » Version: 2.7.6

cpe:2.3:a:pivotal_software:concourse:2.7.6
Pivotal Software » Concourse » Version: 2.7.7

cpe:2.3:a:pivotal_software:concourse:2.7.7
Pivotal Software » Concourse » Version: 3.0.0

cpe:2.3:a:pivotal_software:concourse:3.0.0
Pivotal Software » Concourse » Version: 3.0.1

cpe:2.3:a:pivotal_software:concourse:3.0.1
Pivotal Software » Concourse » Version: 3.1.0

cpe:2.3:a:pivotal_software:concourse:3.1.0
Pivotal Software » Concourse » Version: 3.1.1

cpe:2.3:a:pivotal_software:concourse:3.1.1
Pivotal Software » Concourse » Version: 3.10.0

cpe:2.3:a:pivotal_software:concourse:3.10.0
Pivotal Software » Concourse » Version: 3.11.0

cpe:2.3:a:pivotal_software:concourse:3.11.0
Pivotal Software » Concourse » Version: 3.12.0

cpe:2.3:a:pivotal_software:concourse:3.12.0
Pivotal Software » Concourse » Version: 3.13.0

cpe:2.3:a:pivotal_software:concourse:3.13.0
Pivotal Software » Concourse » Version: 3.14.0

cpe:2.3:a:pivotal_software:concourse:3.14.0
Pivotal Software » Concourse » Version: 3.14.1

cpe:2.3:a:pivotal_software:concourse:3.14.1
Pivotal Software » Concourse » Version: 3.2.0

cpe:2.3:a:pivotal_software:concourse:3.2.0
Pivotal Software » Concourse » Version: 3.2.1

cpe:2.3:a:pivotal_software:concourse:3.2.1
Pivotal Software » Concourse » Version: 3.3.0

cpe:2.3:a:pivotal_software:concourse:3.3.0
Pivotal Software » Concourse » Version: 3.3.1

cpe:2.3:a:pivotal_software:concourse:3.3.1
Pivotal Software » Concourse » Version: 3.3.2

cpe:2.3:a:pivotal_software:concourse:3.3.2
Pivotal Software » Concourse » Version: 3.3.3

cpe:2.3:a:pivotal_software:concourse:3.3.3
Pivotal Software » Concourse » Version: 3.3.4

cpe:2.3:a:pivotal_software:concourse:3.3.4
Pivotal Software » Concourse » Version: 3.4.0

cpe:2.3:a:pivotal_software:concourse:3.4.0
Pivotal Software » Concourse » Version: 3.4.1

cpe:2.3:a:pivotal_software:concourse:3.4.1
Pivotal Software » Concourse » Version: 3.5.0

cpe:2.3:a:pivotal_software:concourse:3.5.0
Pivotal Software » Concourse » Version: 3.6.0

cpe:2.3:a:pivotal_software:concourse:3.6.0
Pivotal Software » Concourse » Version: 3.7.0

cpe:2.3:a:pivotal_software:concourse:3.7.0
Pivotal Software » Concourse » Version: 3.8.0

cpe:2.3:a:pivotal_software:concourse:3.8.0
Pivotal Software » Concourse » Version: 3.9.0

cpe:2.3:a:pivotal_software:concourse:3.9.0
Pivotal Software » Concourse » Version: 3.9.1

cpe:2.3:a:pivotal_software:concourse:3.9.1
Pivotal Software » Concourse » Version: 3.9.2

cpe:2.3:a:pivotal_software:concourse:3.9.2
Pivotal Software » Concourse » Version: 4.0.0

cpe:2.3:a:pivotal_software:concourse:4.0.0
Pivotal Software » Concourse » Version: 4.1.0

cpe:2.3:a:pivotal_software:concourse:4.1.0
Pivotal Software » Concourse » Version: 4.2.0

cpe:2.3:a:pivotal_software:concourse:4.2.0
Pivotal Software » Concourse » Version: 4.2.1

cpe:2.3:a:pivotal_software:concourse:4.2.1
Pivotal Software » Concourse » Version: 4.2.2

cpe:2.3:a:pivotal_software:concourse:4.2.2
Pivotal Software » Concourse » Version: 4.2.3

cpe:2.3:a:pivotal_software:concourse:4.2.3
Pivotal Software » Concourse » Version: 5.0.0

cpe:2.3:a:pivotal_software:concourse:5.0.0
Pivotal Software » Concourse » Version: 5.0.1

cpe:2.3:a:pivotal_software:concourse:5.0.1
Pivotal Software » Concourse » Version: 5.1.0

cpe:2.3:a:pivotal_software:concourse:5.1.0
Pivotal Software » Concourse » Version: 5.2.0

cpe:2.3:a:pivotal_software:concourse:5.2.0
Pivotal Software » Concourse » Version: 5.2.1

cpe:2.3:a:pivotal_software:concourse:5.2.1
Pivotal Software » Concourse » Version: 5.2.2

cpe:2.3:a:pivotal_software:concourse:5.2.2
Pivotal Software » Concourse » Version: 5.2.3

cpe:2.3:a:pivotal_software:concourse:5.2.3
Pivotal Software » Concourse » Version: 5.2.4

cpe:2.3:a:pivotal_software:concourse:5.2.4
Pivotal Software » Concourse » Version: 5.2.5

cpe:2.3:a:pivotal_software:concourse:5.2.5
Pivotal Software » Concourse » Version: 5.2.6

cpe:2.3:a:pivotal_software:concourse:5.2.6
Pivotal Software » Concourse » Version: 5.2.7

cpe:2.3:a:pivotal_software:concourse:5.2.7
Pivotal Software » Concourse » Version: 5.2.8

cpe:2.3:a:pivotal_software:concourse:5.2.8
Pivotal Software » Concourse » Version: 5.3.0

cpe:2.3:a:pivotal_software:concourse:5.3.0
Pivotal Software » Concourse » Version: 5.4.0

cpe:2.3:a:pivotal_software:concourse:5.4.0
Pivotal Software » Concourse » Version: 5.4.1

cpe:2.3:a:pivotal_software:concourse:5.4.1
Pivotal Software » Concourse » Version: 5.5.0

cpe:2.3:a:pivotal_software:concourse:5.5.0
Pivotal Software » Concourse » Version: 5.5.1

cpe:2.3:a:pivotal_software:concourse:5.5.1
Pivotal Software » Concourse » Version: 5.5.10

cpe:2.3:a:pivotal_software:concourse:5.5.10
Pivotal Software » Concourse » Version: 5.5.11

cpe:2.3:a:pivotal_software:concourse:5.5.11
Pivotal Software » Concourse » Version: 5.5.3

cpe:2.3:a:pivotal_software:concourse:5.5.3
Pivotal Software » Concourse » Version: 5.5.4

cpe:2.3:a:pivotal_software:concourse:5.5.4
Pivotal Software » Concourse » Version: 5.5.5

cpe:2.3:a:pivotal_software:concourse:5.5.5
Pivotal Software » Concourse » Version: 5.5.6

cpe:2.3:a:pivotal_software:concourse:5.5.6
Pivotal Software » Concourse » Version: 5.5.7

cpe:2.3:a:pivotal_software:concourse:5.5.7
Pivotal Software » Concourse » Version: 5.5.8

cpe:2.3:a:pivotal_software:concourse:5.5.8
Pivotal Software » Concourse » Version: 5.5.9

cpe:2.3:a:pivotal_software:concourse:5.5.9
Pivotal Software » Concourse » Version: 5.6.0

cpe:2.3:a:pivotal_software:concourse:5.6.0
Pivotal Software » Concourse » Version: 5.7.0

cpe:2.3:a:pivotal_software:concourse:5.7.0
Pivotal Software » Concourse » Version: 5.7.1

cpe:2.3:a:pivotal_software:concourse:5.7.1
Pivotal Software » Concourse » Version: 5.7.2

cpe:2.3:a:pivotal_software:concourse:5.7.2
Pivotal Software » Concourse » Version: 5.8.0

cpe:2.3:a:pivotal_software:concourse:5.8.0
Pivotal Software » Concourse » Version: 5.8.1

cpe:2.3:a:pivotal_software:concourse:5.8.1
Pivotal Software » Concourse » Version: 6.0.0

cpe:2.3:a:pivotal_software:concourse:6.0.0
Pivotal Software » Concourse » Version: 6.1.0

cpe:2.3:a:pivotal_software:concourse:6.1.0
Pivotal Software » Concourse » Version: 6.2.0

cpe:2.3:a:pivotal_software:concourse:6.2.0
Pivotal Software » Concourse » Version: 6.3.0

cpe:2.3:a:pivotal_software:concourse:6.3.0
Pivotal Software » Concourse » Version: 6.4.0

cpe:2.3:a:pivotal_software:concourse:6.4.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5415

Products

Pricing

Contact Us