Rewterz
July 1, 2024

Multiple GitLab Community and Enterprise Edition Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-4011 (CVSS 3.1)

GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions because of improper authorization validation. By sending a specially crafted request, an attacker could promote key results to objectives without holding the permission that action normally requires.

CVE-2024-5430 (CVSS 6.8)

GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions because of improper authorization validation. By sending a specially crafted request, an attacker could bypass a group's merge request approval policy, so that changes can be merged without the approvals the policy is meant to enforce.

CVE-2024-4025 (CVSS 6.5)

GitLab Community and Enterprise Edition are vulnerable to a denial of service caused by a regular expression denial of service (ReDoS) flaw. By submitting specially crafted input to the affected regular expression, a remote authenticated attacker could force the server into excessive backtracking and cause a denial of service condition.

CVE-2024-4557 (CVSS 6.5)

GitLab Community and Enterprise Edition are vulnerable to a denial of service caused by a flaw in the banzai pipeline (GitLab's markdown rendering pipeline). By sending a specially crafted request, a remote authenticated attacker could exhaust server resources and cause a denial of service condition.

CVE-2024-2177 (CVSS 6.8)

GitLab Community and Enterprise Edition could allow a remote attacker to bypass security restrictions because of a cross window forgery flaw. By delivering a specially crafted payload to a victim's browser, an attacker could abuse the OAuth authentication flow. Unlike most of the issues in this advisory, this one does not require the attacker to hold an account on the instance.

CVE-2024-1816 (CVSS 5.3)

GitLab Community and Enterprise Edition are vulnerable to a denial of service caused by improper input validation. By uploading a specially crafted OpenAPI file, a remote authenticated attacker could cause a denial of service condition.

CVE-2024-3115 (CVSS 4.3)

GitLab Community and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information because of improper authorization validation. By sending a specially crafted request, an attacker could read issue and epic information they are not authorized to view, and use it to plan further attacks against the affected system.

CVE-2024-2191 (CVSS 5.3)

GitLab Community and Enterprise Edition could allow a remote attacker to obtain sensitive information because of improper authorization validation. By sending a specially crafted request, an attacker could obtain the title of a merge request they are not authorized to view, and use it to plan further attacks against the affected system.

Impact

  • Security Bypass
  • Denial of Service
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2024-4011
  • CVE-2024-5430
  • CVE-2024-4025
  • CVE-2024-4557
  • CVE-2024-2177
  • CVE-2024-1816
  • CVE-2024-3115
  • CVE-2024-2191

Affected Vendors

GitLab

Affected Products

  • GitLab Community Edition 16.11.0
  • GitLab Enterprise Edition 16.11.0
  • GitLab Community Edition 17.0.0
  • GitLab Enterprise Edition 17.0.0
  • GitLab Enterprise Edition 17.1.0
  • GitLab Community Edition 17.1.0

Remediation

Refer to the GitLab website for patch, upgrade or suggested workaround information, and upgrade every self-managed GitLab CE/EE instance running an affected release to the fixed version named in GitLab's patch release notes for these CVEs. Most of the issues above require an authenticated account, so restricting self-registration limits exposure until the upgrade is applied; CVE-2024-2177 and CVE-2024-2191 are reachable by an unauthenticated remote attacker and are only addressed by upgrading.

GitLab Website: https://about.gitlab.com/releases/
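To find out whether a self-managed instance is on one of the releases listed under Affected Products, the following added Python example (written for this advisory, not GitLab's own code) queries the instance's GET /api/v4/version endpoint and compares the reported version against an affected-version table. The table defaults to the three releases named above; GitLab's patch release notes give full affected ranges with fixed versions, and the same function accepts those as (first_affected, first_fixed) pairs. The environment variables GITLAB_URL and GITLAB_TOKEN are assumptions of this example; the version endpoint itself requires an authenticated token.

```python
"""Added example (not GitLab code): compare the version a GitLab instance
reports on GET /api/v4/version with the affected releases in this advisory.
Assumed environment: GITLAB_URL (e.g. https://gitlab.example.com) and
GITLAB_TOKEN (a personal access token with read_api scope)."""
import json
import os
import re
import sys
import urllib.request

# Affected releases named in the advisory above, as (first_affected, first_fixed).
# first_fixed=None means only that exact release is listed.  GitLab's own patch
# release notes give complete ranges and fixed versions; to use them, replace an
# entry with ("MAJOR.MINOR.FIRST", "MAJOR.MINOR.FIXED"), meaning
# FIRST <= version < FIXED is affected.
AFFECTED = [("16.11.0", None), ("17.0.0", None), ("17.1.0", None)]


def parse_version(text):
    """Turn '17.1.0-ee' or 'v16.11.0' into a comparable tuple (17, 1, 0).
    Edition suffixes and pre-release tags are ignored; junk raises ValueError."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def is_affected(version, table=AFFECTED):
    """True if `version` matches an exact entry or falls inside a range in `table`."""
    v = parse_version(version)
    for first, fixed in table:
        lo = parse_version(first)
        if fixed is None:
            if v == lo:
                return True
        elif lo <= v < parse_version(fixed):
            return True
    return False


def fetch_version(base_url, token):
    """Ask the instance for its version string (the endpoint requires auth)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["version"]


def main():
    base_url = os.environ.get("GITLAB_URL")
    token = os.environ.get("GITLAB_TOKEN")
    if not base_url or not token:
        sys.exit("set GITLAB_URL and GITLAB_TOKEN")
    version = fetch_version(base_url, token)
    affected = is_affected(version)
    print(f"{base_url}: GitLab {version} -> "
          f"{'AFFECTED' if affected else 'not in the affected list'}")
    # Non-zero exit lets a scheduled job or CI step fail on an affected instance.
    return 1 if affected else 0


if __name__ == "__main__":
    sys.exit(main())
```

Run it with `GITLAB_URL=https://gitlab.example.com GITLAB_TOKEN=... python3 check_gitlab.py`; the default table only flags the exact releases this advisory lists, so an instance on a later patch of the same minor line is reported as not affected until the table is filled in with the ranges from GitLab's release notes.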