Travis CI, a continuous integration and continuous delivery (CI/CD) service for cloud platform projects, admitted to an issue in a post on its community forums.
Any public repository forked from another one could file a pull request (standard functionality, e.g. in GitHub, Bitbucket, Assembla) and, while doing so, obtain unauthorized access to secrets from the original public repository, on the condition that some of the files were printed during the build process.
The vendor resolved the underlying problem with a series of security patches, and urged users to change their passcodes and authentication tokens as a precaution.
TPRM report: https://scoringcyber.rankiteo.com/company/travis-ci
"id": "tra222827123",
"linkid": "travis-ci",
"type": "Vulnerability",
"date": "09/2021",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Cloud Platform',
'name': 'Travis CI',
'type': 'Service Provider'}],
'attack_vector': 'Exploitation of CI/CD Feature',
'data_breach': {'type_of_data_compromised': ['Secrets']},
'description': 'Any public repository forked from another one could file a pull request and obtain unauthorized access to secrets from the original public repository with a condition of printing some of the files during the build process.',
'impact': {'data_compromised': ['Secrets'],
'systems_affected': ['CI/CD Pipelines']},
'references': [{'source': 'Travis CI Community Forums'}],
'response': {'communication_strategy': ['Public Disclosure on Community Forums'],
'containment_measures': ['Security Patches'],
'recovery_measures': ['Change of passcodes and authentication tokens'],
'remediation_measures': ['Security Patches']},
'title': 'Unauthorized Access to Secrets in Travis CI',
'type': 'Unauthorized Access',
'vulnerability_exploited': 'Unauthorized access to secrets during pull request process'}