Critical vulnerability CVE-2023-7028 within the open supply platform GitLab permits taking management of different customers’ accounts
A critical vulnerability has been found in GitLab, an open-source platform for managing git repositories. This vulnerability may enable a distant attacker to take management of different customers’ accounts.
GitLab is an open-source platform that performs capabilities equal to these of GitHub. The corporate in command of creating it maintains a model of this software program within the cloud in order that customers can entry its capabilities, however putting in it on native servers can also be potential.
Key options
- CVE identifier: CVE-2023-7028
- Launch date: January 11, 2024
- Affected software program: GitLab
- CVSS rating: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10.0 Critical)
- Affected variations:
- 16.1 to 16.1.5
- 16.2 to 16.2.8
- 16.3 to 16.3.6
- 16.4 to 16.4.4
- 16.5 to 16.5.5
- 16.6 to 16.6.3
- 16.7 to 16.7.1
- Exploitation necessities:
- The GitLab occasion will need to have some authentication system configured for which password reset hyperlinks work.*
- If a consumer has two-factor authentication enabled, their password may be modified, however the attacker can't steal their account.
* If a GitLab occasion is configured to make use of authentication by means of a third-party supplier, this vulnerability could not have an effect on it. If, for instance, the GitLab occasion makes use of LDAP authentication solely, and doesn't have permission to reset passwords, there could be no affect.
Mitigation
The primary resolution is to urgently replace the GitLab occasion to one of many new patched variations that repair this vulnerability:
- 16.7.2
- 16.6.4
- 16.5.6
- 16.4.5
- 16.3.7
- 16.2.9
- 16.1.6
As well as, it's endorsed to take the next countermeasures:
- If potential, the domains of the addresses to which GitLab can ship emails may be restricted from the mail server.
- It's endorsed to scale back the authentication choices to the necessities: if an organization already has delegated authentication, it is probably not essential to keep up a sort of authentication that enables password adjustments from GitLab.
GitLab has revealed a post with the official data and associated updates of this vulnerability.
Detection of the vulnerability CVE-2023-7028
The presence of the vulnerability CVE-2023-7028 may be recognized by the model quantity.
As a part of its rising vulnerabilities service, Tarlogic proactively displays the perimeter of its purchasers to report, detect, and urgently notify of the presence of this vulnerability, in addition to different critical threats that might have a critical affect on the safety of their property.
Reference