Rewterz Threat Advisory – Multiple GitLab Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-6564 CVSS:6.5

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when a subgroup is allowed to merge or push to protected branches. By sending a specially crafted request, an attacker could exploit this vulnerability to push or merge to protected branches.

CVE-2023-3511 CVSS:4.2

GitLab could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could exploit this vulnerability to fork and submit merge requests to private projects.

CVE-2023-3904 CVSS:4.3

GitLab is vulnerable to a denial of service, caused by an unvalidated timeSpent value. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.

CVE-2023-6680 CVSS:7.4

GitLab could allow a remote attacker to bypass security restrictions, caused by an improper certificate validation issue in Smartcard authentication. By sending a specially crafted request, an attacker could exploit this vulnerability to authenticate as another user given their public key if they use Smartcard authentication.

CVE-2023-6051 CVSS:5.7

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when source code or installation packages are pulled from a specific tag. By sending a specially crafted request, an attacker could exploit this vulnerability to affect file integrity.

CVE-2023-5512 CVSS:4.8

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw when specific HTML encoding is used for file names, leading to incorrect representation in the UI. By sending a specially crafted request, an attacker could exploit this vulnerability to affect file integrity.

CVE-2023-3907 CVSS:4.9

GitLab could allow a remote authenticated attacker to gain elevated privileges on the system. By using a Project Access Token, an attacker could exploit this vulnerability to escalate privileges.

CVE-2023-5061 CVSS:4.3

GitLab could allow a remote authenticated attacker to bypass security restrictions. By using the REST API, an attacker could exploit this vulnerability to bypass predefined variables.

Impact

  • Denial of Service
  • Privilege Escalation
  • Security Bypass

Indicators Of Compromise

CVE

  • CVE-2023-6564
  • CVE-2023-3511
  • CVE-2023-3904
  • CVE-2023-6680
  • CVE-2023-6051
  • CVE-2023-5512
  • CVE-2023-3907
  • CVE-2023-5061

Affected Vendors

GitLab

Affected Products

  • GitLab Enterprise Edition 16.6.1
  • GitLab Enterprise Edition 16.5.3
  • GitLab Enterprise Edition 16.4.3
  • GitLab Community Edition 16.5.3
  • GitLab Community Edition 16.6.1
  • GitLab Community Edition 16.4.3
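For triage, the affected-product list above can be turned into a version check that runs against the output of GitLab's `GET /api/v4/version` endpoint (an authenticated endpoint that returns the instance version). The following is an added example, not code from Rewterz or GitLab; the sample response is constructed, and two assumptions are labelled in the code: that each version listed is the highest affected patch release on its branch (so lower patch levels on that branch are also affected), and that branches older than every listed branch are unpatched and therefore affected.

```python
"""Triage a GitLab instance version against the builds listed in this advisory.

Added example (not Rewterz's or GitLab's code). Assumptions are marked ASSUMPTION.
"""
import json
import re

# Affected products exactly as listed in the advisory.
ADVISORY_AFFECTED = {
    "Enterprise Edition": ["16.6.1", "16.5.3", "16.4.3"],
    "Community Edition": ["16.5.3", "16.6.1", "16.4.3"],
}

# The CVEs the advisory ties to those builds.
ADVISORY_CVES = [
    "CVE-2023-6564", "CVE-2023-3511", "CVE-2023-3904", "CVE-2023-6680",
    "CVE-2023-6051", "CVE-2023-5512", "CVE-2023-3907", "CVE-2023-5061",
]

# GitLab reports EE builds with an "-ee" suffix (e.g. "16.6.1-ee"); CE has no suffix.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(ee))?")


def parse_version(text):
    """Turn '16.6.1-ee' into ((16, 6, 1), 'Enterprise Edition')."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch, ee = m.groups()
    edition = "Enterprise Edition" if ee else "Community Edition"
    return (int(major), int(minor), int(patch)), edition


def is_affected(version_text):
    """Return (affected, reason) for a GitLab version string."""
    (major, minor, patch), edition = parse_version(version_text)
    # Map each listed branch (major, minor) to its listed patch level.
    listed = {}
    for v in ADVISORY_AFFECTED[edition]:
        l_major, l_minor, l_patch = (int(x) for x in v.split("."))
        listed[(l_major, l_minor)] = l_patch
    branch = (major, minor)
    label = f"{edition} {major}.{minor}.{patch}"

    if branch in listed:
        l_patch = listed[branch]
        if patch == l_patch:
            return True, f"{label} is listed as affected"
        if patch < l_patch:
            # ASSUMPTION: lower patch levels on a listed branch are also affected.
            return True, f"{label} predates listed affected build {major}.{minor}.{l_patch}"
        return False, f"{label} is newer than listed affected build {major}.{minor}.{l_patch}"

    if branch < min(listed):
        # ASSUMPTION: branches older than every listed branch are unpatched.
        return True, f"{label} is on a branch older than any listed and is assumed unpatched"
    return False, f"{label} is on a branch newer than this advisory covers; check GitLab's release notes"


def triage_version_response(body):
    """Parse the JSON body of GET /api/v4/version and triage the reported version."""
    data = json.loads(body)
    affected, reason = is_affected(data["version"])
    return {
        "version": data["version"],
        "affected": affected,
        "reason": reason,
        "cves": ADVISORY_CVES if affected else [],
    }


# Constructed sample in the shape of a /api/v4/version response (revision value is made up).
SAMPLE_RESPONSE = '{"version": "16.6.1-ee", "revision": "0000000"}'

if __name__ == "__main__":
    print(json.dumps(triage_version_response(SAMPLE_RESPONSE), indent=2))
```

Feed the script the real response from your instance (for example, the body of `curl -H "PRIVATE-TOKEN: <token>" https://<your-gitlab>/api/v4/version`) and treat any `affected: true` result as a prompt to apply the GitLab patch release for that branch.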

Remediation

Refer to the GitLab website for patch, upgrade or suggested workaround information.

GitLab Website