Rewterz

Multiple GitLab Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2023-6477 CVSS: 6.7

GitLab EE could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper privilege management. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.

CVE-2023-3509 CVSS: 6.1

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request, an attacker could exploit this vulnerability to change the title of privately accessible deploy keys associated with projects in the group.

CVE-2024-1525 CVSS: 5.3

GitLab Community and Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by a flaw in the password reset feature. By sending a specially crafted request using a verified secondary email address, an attacker could exploit this vulnerability to reset the password and sign in using direct authentication.

CVE-2024-0410 CVSS: 7.7

GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By sending a specially crafted request using a merge conflict, an attacker could exploit this vulnerability to bypass CODEOWNERS approvals.

CVE-2023-4895 CVSS: 4.3

GitLab Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by a bypass flaw in the group IP restriction settings. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain environment details of projects, and use this information to launch further attacks against the affected system.

CVE-2024-0861 CVSS: 4.3

GitLab Enterprise Edition could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to change custom dashboard project settings.

Impact

  • Privilege Escalation
  • Security Bypass
  • Information Disclosure

Indicators of Compromise

CVE

  • CVE-2023-6477
  • CVE-2023-3509
  • CVE-2023-4895
  • CVE-2024-0861
  • CVE-2024-1525
  • CVE-2024-0410

Affected Vendors

GitLab

Affected Products

  • GitLab Enterprise Edition 12.0
  • GitLab Enterprise Edition 16.5.0
  • GitLab Enterprise Edition 16.4.0
  • GitLab Community Edition 16.8.0
  • GitLab 16.8
  • GitLab 16.9
  • GitLab Enterprise Edition 16.8
  • GitLab Enterprise Edition 16.9
  • GitLab Enterprise Edition 16.1.0
  • GitLab Community Edition 16.1.0
  • GitLab Community Edition 16.9
  • GitLab 15.1

Remediation

Upgrade to the latest version of GitLab, available from the GitLab website.
