GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
GitLab has fixed a critical vulnerability in the Enterprise Edition and Community Edition of its widely used DevOps platform.
"Scan execution policy allows configuring built-in scanners for GitLab projects, such as static analysis and vulnerability scanning. These scanners are running in dedicated pipelines with a predefined set of permissions," Alex Ilgayev, head of security research at Cycode, told Help Net Security.
"According to the GitLab issue tracker and source code, any user can easily exploit that vulnerability by changing the policy file author using the 'git config' command. The scan is done through the identity of the policy file's last committer, effectively gaining the permissions of arbitrary users," Ilgayev added.
"GitLab updated the mechanism to execute these security scans using a dedicated bot user with limited permissions. While GitLab didn't release official information regarding the bypass, by inspecting the GitLab source code, the bypass seems to involve removing the bot user from the group and allowing the execution of the previous vulnerability flow again."
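The weakness described above hinges on the scan running as whatever identity the policy file's last commit claims, which the pusher controls through local git config. As an added example (not GitLab's code, and not from the article), the audit check below models what a server-side push rule of the "committer must be a verified e-mail of the pushing account" kind enforces: it takes constructed push records and flags commits that touch the policy file while claiming an identity the pushing account does not own. The policy path, account names and e-mail addresses are all made up for the example.

```python
from dataclasses import dataclass

# Constructed path for this example; the real policy file location is not taken from the article.
POLICY_PATH = ".gitlab/security-policies/policy.yml"


@dataclass
class PushRecord:
    """One pushed commit as a server-side hook or audit log sees it (constructed)."""
    sha: str
    pusher: str            # authenticated account that performed the push (server-asserted)
    author_email: str      # from the commit's author header (client-controlled)
    committer_email: str   # from the commit's committer header (client-controlled)
    touched_paths: tuple   # paths modified by the commit


@dataclass
class Finding:
    sha: str
    pusher: str
    spoofed_email: str


def find_identity_mismatches(pushes, verified_emails, policy_path=POLICY_PATH):
    """Flag commits modifying the policy file whose author or committer e-mail
    is not one of the verified addresses of the account that actually pushed."""
    findings = []
    for p in pushes:
        if policy_path not in p.touched_paths:
            continue
        allowed = verified_emails.get(p.pusher, set())
        for email in {p.author_email, p.committer_email}:
            if email not in allowed:
                findings.append(Finding(p.sha, p.pusher, email))
    return findings


# Constructed sample data: verified addresses per account, then three pushes.
VERIFIED = {
    "alice": {"alice@example.test"},
    "mallory": {"mallory@example.test"},
}
SAMPLE_PUSHES = [
    PushRecord("a1b2c3", "alice", "alice@example.test", "alice@example.test", (POLICY_PATH,)),
    PushRecord("d4e5f6", "mallory", "mallory@example.test", "mallory@example.test", ("README.md",)),
    # Policy-file commit whose headers claim alice, but the push was authenticated as mallory.
    PushRecord("789abc", "mallory", "alice@example.test", "alice@example.test", (POLICY_PATH,)),
]

if __name__ == "__main__":
    for f in find_identity_mismatches(SAMPLE_PUSHES, VERIFIED):
        print(f"{f.sha}: pushed by {f.pusher} but commit claims {f.spoofed_email}")
```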
GitLab has released fixed versions for GitLab Community Edition and Enterprise Edition.
"We strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version," said Nick Malcolm, senior application security engineer at GitLab.
News URL
https://www.helpnetsecurity.com/2023/09/22/cve-2023-5009/