November 1, 2023
Severity
Medium
Analysis Summary
CVE-2023-3246 CVSS:4.3
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to block the Sidekiq job processor.
CVE-2023-3909 CVSS:4.3
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service. By adding a large string to the timeout input in the gitlab-ci.yml file, a remote authenticated attacker could exploit this vulnerability to cause a regular expression denial of service (ReDoS).
CVE-2023-5831 CVSS:3.7
GitLab Community Edition and Enterprise Edition could allow a remote attacker to obtain sensitive information, caused by a flaw that is present when the super_sidebar_logged_out feature flag is enabled. By sending specially crafted requests, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVE-2023-4700 CVSS:3.5
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to run jobs in protected environments, bypassing any required approvals.
CVE-2023-5600 CVSS:4.3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information. By using the service-desk template, a remote attacker could exploit this vulnerability to obtain titles.
CVE-2023-5825 CVSS:6.5
GitLab Community Edition and Enterprise Edition are vulnerable to a denial of service, caused by an infinite loop. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause the server to exhaust all available memory.
CVE-2023-3399 CVSS:6.5
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information. By using the custom project templates, a remote attacker could exploit this vulnerability to read the CI/CD variables.
Impact
- Denial of Service
- Information Disclosure
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-3246
- CVE-2023-3909
- CVE-2023-5831
- CVE-2023-4700
- CVE-2023-5600
- CVE-2023-5825
- CVE-2023-3399
Affected Vendors
GitLab
Affected Products
- GitLab Enterprise Edition 16.5.0
- GitLab Community Edition 16.5.0
- GitLab Enterprise Edition 16.4.1
- GitLab Community Edition 16.4.1
- GitLab Enterprise Edition 16.3.5
- GitLab Community Edition 16.3.5
Remediation
Upgrade to the latest version of GitLab Community Edition (CE) and Enterprise Edition (EE), available from the GitLab website.
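To decide quickly whether an instance falls under this advisory, the following added example (not part of the advisory or of GitLab's own tooling) triages a GitLab version string against the three affected releases listed above. It assumes the version comes from the standard GitLab `GET /api/v4/version` endpoint (which is not mentioned on this page) in the form `16.4.1-ee`, and it assumes that earlier patch levels within a listed branch (for example 16.4.0) are also affected because they predate the listed release.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Affected releases as listed in this advisory: major.minor branch -> listed patch level.
AFFECTED_BRANCHES = {(16, 5): 0, (16, 4): 1, (16, 3): 5}
OLDEST_LISTED = (16, 3, 5)

# Accepts "16.4.1" or "16.4.1-ee" / "16.4.1-ce" as returned by GET /api/v4/version.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(?:ce|ee))?$")


class Triage(NamedTuple):
    version: str
    status: str   # AFFECTED | NEWER_THAN_LISTED | OLDER_BRANCH | INVALID
    detail: str


def parse_version(raw: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) for a GitLab version string, or None if unparsable."""
    m = _VERSION_RE.match(raw.strip())
    if m is None:
        return None
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


def triage(raw: str) -> Triage:
    """Classify a version against the releases this advisory lists."""
    parsed = parse_version(raw)
    if parsed is None:
        return Triage(raw, "INVALID", "unrecognised version string")
    major, minor, patch = parsed
    branch = (major, minor)
    if branch in AFFECTED_BRANCHES:
        listed = AFFECTED_BRANCHES[branch]
        # Assumption: patch levels at or below the listed release predate the fix.
        if patch <= listed:
            return Triage(raw, "AFFECTED",
                          f"{major}.{minor}.{patch} is at or below listed {major}.{minor}.{listed}")
        return Triage(raw, "NEWER_THAN_LISTED",
                      f"{major}.{minor}.{patch} is newer than listed {major}.{minor}.{listed}")
    if parsed < OLDEST_LISTED:
        return Triage(raw, "OLDER_BRANCH",
                      "predates the branches this advisory lists; review against the vendor advisory")
    return Triage(raw, "NEWER_THAN_LISTED", f"{major}.{minor} is newer than any listed branch")


if __name__ == "__main__":
    # Constructed sample inputs, not real instance data.
    for sample in ("16.4.1-ee", "16.3.4", "16.5.1-ce", "16.2.9", "not-a-version"):
        print(triage(sample))
```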