Severity
High
Analysis Summary
CVE-2023-6033 CVSS:8.7
GitLab Community and Enterprise Edition are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2023-6396 CVSS:8.1
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper permission validation. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-3949 CVSS:5.3
GitLab Community and Enterprise Edition could allow a remote attacker to obtain sensitive information, caused by improper permission assignment. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain the release description in public projects, and use this information to launch further attacks against the affected system.
CVE-2023-5226 CVSS:4.8
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper input validation. By sending a specially crafted request using the branch name, an attacker could exploit this vulnerability to manipulate repository content in the UI.
CVE-2023-5995 CVSS:4.4
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request using the policy bot, an attacker could exploit this vulnerability to gain access to internal projects.
CVE-2023-4912 CVSS:4.3
GitLab Community and Enterprise Edition are vulnerable to a denial of service, caused by improper input validation. By sending a specially crafted mermaid diagram input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2023-4317 CVSS:4.3
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to update a pipeline schedule from an unprotected branch to a protected branch.
CVE-2023-3964 CVSS:4.3
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to access composer packages on public projects.
CVE-2023-3443 CVSS:3.1
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to add an emoji on confidential work items.
Impact
- Denial of Service
- Security Bypass
- Cross-Site Scripting
- Privileges Escalation
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-6033
- CVE-2023-6396
- CVE-2023-3949
- CVE-2023-5226
- CVE-2023-5995
- CVE-2023-4912
- CVE-2023-4317
- CVE-2023-3964
- CVE-2023-3443
Affected Vendors
GitLab
Affected Products
- GitLab Enterprise Edition 16.5.0
- GitLab Community Edition 16.5.0
- GitLab Enterprise Edition 16.4.0
- GitLab Enterprise Edition 16.6.0
- GitLab Community Edition 16.4.0
- GitLab Community Edition 16.6.0
Remediation
Refer to GitLab Website for patch, upgrade or suggested workaround information.