

Severity
Medium
Analysis Summary
CVE-2024-6502 CVSS: 5.7
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in GitLab Web Interface. By sending a specially crafted request, an attacker could exploit this vulnerability to create a branch with the same name as a deleted tag.
CVE-2024-7110 CVSS: 6.4
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by prompt injection in "Resolve Vulnerability". By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands in a victim's pipeline.
CVE-2024-3127 CVSS: 4.3
GitLab Community Edition and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in GraphQL. By sending a specially crafted request, an attacker could exploit this vulnerability to perform some actions at the group level.
Impact
- Code Execution
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-6502
- CVE-2024-7110
- CVE-2024-3127
Affected Vendors
- GitLab
Affected Products
- GitLab Community Edition - 17.1.5
- GitLab Community Edition - 17.2.3
- GitLab Community Edition - 17.3.0
- GitLab Enterprise Edition - 17.1.5
- GitLab Enterprise Edition - 17.2.3
- GitLab Enterprise Edition - 17.3.0
Remediation
Refer to the GitLab website for patch, upgrade, or suggested workaround information.