Multiple versions of GitLab Enterprise Edition (EE) are affected by a critical vulnerability. Tracked as CVE-2023-5009, it allows an attacker to run pipelines as another user; with the impersonated user's elevated permissions, the attacker may then access confidential data, modify source code, or execute arbitrary code on the system.
Security researcher Johan Carlsson discovered the vulnerability and reported it to GitLab. It has been rated critical, with a CVSS score of 9.6.
GitLab is a DevOps platform that lets teams create, secure, and manage software from a single application. It is an open-core code repository and collaborative software development platform used for large DevOps and DevSecOps projects, providing hosted code storage together with CI/CD and issue-tracking tools.
Vulnerability Description
The vulnerability is a bypass of CVE-2023-3932, which GitLab patched in August 2023. Successful exploitation allows an attacker to run pipelines as an arbitrary user via scheduled security scan policies, so the pipeline jobs execute with the permissions of the impersonated user rather than those of the attacker.
Affected Versions
The vulnerability affects GitLab Enterprise Edition (EE) from 13.12 before 16.2.7, and from 16.3 before 16.3.4. GitLab Community Edition (CE) is not affected, since the security policies feature is EE-only.
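To triage an inventory quickly, the affected ranges above can be encoded as half-open version intervals and checked against the version string an instance reports. The script below is an added example written for this page, not Qualys or GitLab code. It assumes the `-ce`/`-ee` edition suffix that GitLab's `/api/v4/version` endpoint returns (for example `16.3.3-ee`); the `fetch_version()` helper further assumes a reachable instance and a personal access token with `read_api` scope and is not needed for the offline checks, which run on constructed sample versions.

```python
"""Check GitLab version strings against the CVE-2023-5009 affected ranges.

Added example; not Qualys or GitLab code. The ranges come from the advisory:
EE 13.12 before 16.2.7, and 16.3 before 16.3.4. fetch_version() assumes a
reachable instance and a token with read_api scope; everything else runs
offline on constructed input.
"""
import json
import re
import urllib.request

# Half-open ranges [introduced, fixed): a version equal to the fixed version
# is patched and must not be flagged.
VULNERABLE_RANGES = [
    ((13, 12, 0), (16, 2, 7)),
    ((16, 3, 0), (16, 3, 4)),
]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-(ce|ee))?")


def parse_version(version):
    """Split '16.3.3-ee' into ((16, 3, 3), 'ee').

    GitLab's /api/v4/version endpoint reports the edition as a '-ce'/'-ee'
    suffix. Returns None if the string does not look like a GitLab version.
    """
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    numeric = tuple(int(g) for g in m.groups()[:3])
    edition = m.group(4) or "unknown"
    return numeric, edition


def is_vulnerable(version):
    """True if the version falls inside an affected EE range.

    CE is never affected. An unknown edition (no suffix, e.g. from a banner
    grab) is treated as potentially EE and flagged when the number matches.
    """
    parsed = parse_version(version)
    if parsed is None:
        raise ValueError(f"unrecognised GitLab version: {version!r}")
    numeric, edition = parsed
    if edition == "ce":
        return False
    return any(lo <= numeric < hi for lo, hi in VULNERABLE_RANGES)


def fetch_version(base_url, token):
    """Read the running version from /api/v4/version (needs read_api scope).

    Assumption: base_url is a reachable instance such as
    https://gitlab.example.com. Not exercised offline.
    """
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["version"]


if __name__ == "__main__":
    # Constructed sample inputs, not output from a real instance.
    for v in ["16.2.6-ee", "16.2.7-ee", "16.3.3-ee", "16.3.4-ee",
              "13.11.9-ee", "16.3.3-ce", "16.4.0-ee"]:
        print(f"{v:12} vulnerable={is_vulnerable(v)}")
```

The version boundaries are deliberately half-open so that the fixed releases 16.2.7 and 16.3.4 are reported clean while 16.2.6 and 16.3.3 are flagged; a version with no edition suffix is flagged conservatively, since the check cannot rule out EE from the number alone.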
Mitigation
Customers should upgrade to GitLab 16.3.4 or 16.2.7; the fix ships in both the Community Edition (CE) and Enterprise Edition (EE) packages of those releases. Where an immediate upgrade is not possible, GitLab's advisory notes that the issue is only exploitable when both the direct transfers feature and the security policies feature are enabled, so disabling either one is a workaround until the upgrade is applied.
For more information, please refer to the GitLab Security Advisory.
Qualys Detection
Qualys customers can scan their devices with QID 378867 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://about.gitlab.com/releases/2023/09/18/security-release-gitlab-16-3-4-released/