Travis CI

Travis CI, a hosted continuous integration and continuous delivery (CI/CD) service, disclosed the issue in a post on its community forums.

Any public repository forked from another could open a pull request (standard functionality on GitHub, Bitbucket, Assembla and similar platforms) and, in doing so, have its build run with the original public repository's secrets available. Any build step that printed them, for example by dumping files or environment variables to the build log, exposed those secrets to whoever opened the pull request.

The vendor resolved the underlying problem with a series of security patches and urged users to rotate any secrets, including passwords and authentication tokens, as a precaution.
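
The two guards that the failure mode above calls for, shown as an added example rather than Travis CI's own code: a CI service must not hand a base repository's secrets to a build triggered by a pull request from a fork, and build logs should be checked for secret values that a build step printed anyway. The PullRequestEvent shape, the secret names and the sample build log are all constructed for this example and do not reflect any provider's real webhook or log format.

```python
"""Added example (not Travis CI's code): guards against a fork's pull-request
build receiving and printing the base repository's secrets. Event shape,
secret names and log lines are constructed for illustration."""
import base64
import json
import re
import urllib.parse
from dataclasses import dataclass


@dataclass(frozen=True)
class PullRequestEvent:
    base_repo: str   # repository that owns the secrets, e.g. "acme/app"
    head_repo: str   # repository the pull-request branch lives in


def secrets_allowed(event: PullRequestEvent) -> bool:
    """A pull request whose head repository differs from the base is a fork
    PR: anyone can open one, so its build must not receive the base
    repository's secrets. This is the boundary the incident above crossed."""
    return event.head_repo == event.base_repo


def build_env(event: PullRequestEvent, secrets: dict) -> dict:
    """Environment handed to the build: secrets only for same-repo PRs."""
    return dict(secrets) if secrets_allowed(event) else {}


def _forms(value: str):
    """Ways a secret typically appears in a log once a build echoes it."""
    yield value
    yield base64.b64encode(value.encode()).decode()
    yield urllib.parse.quote(value, safe="")
    yield json.dumps(value)[1:-1]          # JSON-escaped form


def find_leaks(log: str, secrets: dict) -> list:
    """Names of secrets whose value appears in the log in any known form."""
    return [name for name, value in secrets.items()
            if value and any(form in log for form in _forms(value))]


def redact(log: str, secrets: dict) -> tuple:
    """Replace every occurrence of every known form with [NAME]; return the
    redacted log and the number of substitutions made."""
    total = 0
    for name, value in secrets.items():
        if not value:
            continue
        # Longest forms first so a longer encoding is never partially masked.
        for form in sorted(set(_forms(value)), key=len, reverse=True):
            log, n = re.subn(re.escape(form), f"[{name}]", log)
            total += n
    return log, total


# Constructed secrets (hypothetical values, not real credentials).
SECRETS = {
    "DEPLOY_TOKEN": "tr4v1s-s3cr3t-t0k3n-0123",
    "AWS_SECRET_ACCESS_KEY": "not-printed-anywhere-in-this-log",
}

# Constructed build log of a fork PR build that dumps its environment and then
# pipes the token through base64 (as `printf '%s' "$DEPLOY_TOKEN" | base64`).
SAMPLE_LOG = (
    "$ git clone https://github.com/someone/app-fork.git\n"
    "$ env | sort\n"
    "CI=true\n"
    f"DEPLOY_TOKEN={SECRETS['DEPLOY_TOKEN']}\n"
    "$ printf '%s' \"$DEPLOY_TOKEN\" | base64\n"
    f"{base64.b64encode(SECRETS['DEPLOY_TOKEN'].encode()).decode()}\n"
    "$ ./deploy.sh\n"
    "Deploy finished\n"
)


if __name__ == "__main__":
    fork_pr = PullRequestEvent(base_repo="acme/app", head_repo="someone/app-fork")
    print("secrets for fork PR build:", build_env(fork_pr, SECRETS))   # {}
    print("leaked in sample log:", find_leaks(SAMPLE_LOG, SECRETS))
    clean, count = redact(SAMPLE_LOG, SECRETS)
    print(f"redacted {count} occurrences:\n{clean}")
```

The first guard is the real fix: a fork PR build simply never sees the secrets, so nothing it prints can leak them. The log scan is the compensating control for the window before such a fix ships; a hit from find_leaks on a historical build log is the signal that the affected secret must be rotated, which is what the vendor advised.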

Source: https://portswigger.net/daily-swig/credential-leak-fears-raised-following-security-breach-at-travis-ci

TPRM report: https://scoringcyber.rankiteo.com/company/travis-ci

{
  "id": "tra222827123",
  "linkid": "travis-ci",
  "type": "Vulnerability",
  "date": "09/2021",
  "severity": "50",
  "impact": "1",
  "explanation": "Attack without any consequences"
}
{
  "affected_entities": [
    {"industry": "Cloud Platform", "name": "Travis CI", "type": "Service Provider"}
  ],
  "attack_vector": "Exploitation of CI/CD Feature",
  "data_breach": {"type_of_data_compromised": ["Secrets"]},
  "description": "Any public repository forked from another one could file a pull request and obtain unauthorized access to secrets from the original public repository with a condition of printing some of the files during the build process.",
  "impact": {"data_compromised": ["Secrets"], "systems_affected": ["CI/CD Pipelines"]},
  "references": [{"source": "Travis CI Community Forums"}],
  "response": {
    "communication_strategy": ["Public Disclosure on Community Forums"],
    "containment_measures": ["Security Patches"],
    "recovery_measures": ["Change of passcodes and authentication tokens"],
    "remediation_measures": ["Security Patches"]
  },
  "title": "Unauthorized Access to Secrets in Travis CI",
  "type": "Unauthorized Access",
  "vulnerability_exploited": "Unauthorized access to secrets during pull request process"
}