Multiple vulnerabilities in GitLab Community Edition (CE) and Enterprise Edition (EE)
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2024-0199 CVE-2024-1299 |
| CWE-ID | CWE-285 CWE-264 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Gitlab Community Edition Universal components / Libraries / Software for developers GitLab Enterprise Edition Universal components / Libraries / Software for developers |
| Vendor | GitLab, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper Authorization
EUVDB-ID: #VU87171
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-0199
CWE-ID:
CWE-285 - Improper Authorization
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authorization checks.
The vulnerability exists due to improper authorization. A remote user can bypass CODEOWNERS by utilizing a crafted payload in an old feature branch to perform malicious actions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 11.3 - 16.9.1
GitLab Enterprise Edition: 11.3.0 - 16.9.1
CPE2.3- cpe:2.3:a:gitlab:gitlab:11.11.8:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:11.11.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:11.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:11.11.8:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:11.11.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:11.7.3:*:*:*:*:*:*:*
http://gitlab.com/gitlab-org/gitlab/-/issues/436977
http://hackerone.com/reports/2295423
http://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU87173
Risk: Low
CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2024-1299
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a remote user to escalate privileges on the system.
The vulnerability exists due to application does not properly impose security restrictions. A remote administrator can rotate and see group access token with owner permissions.
MitigationInstall updates from vendor's website.
Vulnerable software versionsGitlab Community Edition: 16.8.0 - 16.9.1
GitLab Enterprise Edition: 16.8.0 - 16.9.1
CPE2.3- cpe:2.3:a:gitlab:gitlab:16.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:16.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:16.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:16.8.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:16.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab-ee:16.8.1:*:*:*:*:*:*:*
http://gitlab.com/gitlab-org/gitlab/-/issues/440745
http://hackerone.com/reports/2356976
http://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
