Impact
The vulnerability arises because Woodpecker CI’s gRPC layer accepts a client‑supplied `agent_id` in the metadata even after it has validated the JWT. Consequently, any authenticated agent can forge the `agent_id` header and masquerade as another agent on the same server. This allows an attacker to execute jobs, push artifacts or otherwise act with the privileges of the impersonated agent, potentially accessing data, modifying pipelines, or impacting other tenants. The flaw is an authentication bypass (CWE‑290) combined with improper authorization enforcement (CWE‑639).
Affected Systems
Versions of Woodpecker CI from 3.0.0 up to, but not including, 3.14.1 are affected. The fix was introduced in 3.14.1. Woodpecker CI is an open‑source continuous integration and deployment platform.
Risk and Exploitability
The CVSS score of 7.1 indicates a high severity. The EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires an authenticated agent, so the attack vector is essentially authenticated internal traffic. An attacker with valid credentials, or a compromised agent token, can exploit the flaw by crafting a gRPC request with a forged `agent_id` in the metadata and force the server to treat the request as coming from a different agent. No additional software or escalated privileges are needed beyond the authenticated agent context.
OpenCVE Enrichment