Severity
Medium
Analysis Summary
CVE-2024-4011 CVSS:3.1
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to promote key results to objectives.
CVE-2024-5430 CVSS:6.8
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass a group's merge request approval policy.
CVE-2024-4025 CVSS:6.5
GitLab Community and Enterprise Edition are vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw. By sending a specially crafted regex input, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-4557 CVSS:6.5
GitLab Community and Enterprise Edition are vulnerable to a denial of service, caused by a flaw in the banzai pipeline. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause resource exhaustion, resulting in a denial of service condition.
CVE-2024-2177 CVSS:6.8
GitLab Community and Enterprise Edition could allow a remote attacker to bypass security restrictions, caused by a cross window forgery flaw. By sending a specially crafted payload, an attacker could exploit this vulnerability to abuse the OAuth authentication flow.
CVE-2024-1816 CVSS:5.3
GitLab Community and Enterprise Edition are vulnerable to a denial of service, caused by improper input validation. By using a specially crafted OpenAPI file, a remote authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CVE-2024-3115 CVSS:4.3
GitLab Community and Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to access issue and epic information, and use this information to launch further attacks against the affected system.
CVE-2024-2191 CVSS:5.3
GitLab Community and Enterprise Edition could allow a remote attacker to obtain sensitive information, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain the merge request title information, and use this information to launch further attacks against the affected system.
Impact
- Security Bypass
- Denial of Service
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-4011
- CVE-2024-5430
- CVE-2024-4025
- CVE-2024-4557
- CVE-2024-2177
- CVE-2024-1816
- CVE-2024-3115
- CVE-2024-2191
Affected Vendors
- GitLab
Affected Products
- GitLab Community Edition 16.11.0
- GitLab Enterprise Edition 16.11.0
- GitLab Community Edition 17.0.0
- GitLab Enterprise Edition 17.0.0
- GitLab Enterprise Edition 17.1.0
- GitLab Community Edition 17.1.0
Remediation
Refer to the GitLab website for patch, upgrade, or suggested workaround information.