GitLab fixes critical vulnerability, patch now! (CVE-2023-5009)
Security News, September 2023
GitLab has fixed a critical vulnerability (CVE-2023-5009, CVSS 9.6) in the Enterprise Edition (EE) and Community Edition (CE) of its widely used DevOps platform. The flaw allows an attacker to run pipelines as an arbitrary user via scheduled security scan policies, and is a bypass of the previously patched CVE-2023-4998.
"Scan execution policy allows configuring built-in scanners for GitLab projects, such as static analysis and vulnerability scanning. These scanners are running in dedicated pipelines with a predefined set of permissions," Alex Ilgayev, head of security research at Cycode told Help Net Security.
"According to the GitLab issue tracker and source code, any user can easily exploit that vulnerability by changing the policy file author using the 'git config' command. The scan is done through the identity of the policy file's last committer, effectively gaining the permissions of arbitrary users," Ilgayev added.
"GitLab updated the mechanism to execute these security scans using a dedicated bot user with limited permissions. While GitLab didn't release official information regarding the bypass, by inspecting the GitLab source code, the bypass seems to involve removing the bot user from the group and allowing the execution of the previous vulnerability flow again."
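The flaw Ilgayev describes is a trust-boundary problem: git's committer identity is whatever the person making the commit sets with `git config user.email`, so a pipeline that derives its run-as identity from the policy file's last committer is authorizing on attacker-controlled metadata. The Python model below is an added example, not GitLab's code; the user directory, permission names, bot name and commits are constructed for illustration. It shows the pre-fix resolver granting a low-privilege pusher the maintainer's permissions, the post-fix resolver running as a least-privileged bot and failing closed when the bot is absent from the group (the bypass path Ilgayev points at), and an audit check that flags policy-file commits whose committer email does not match the authenticated pusher.

```python
"""Model of the identity bug behind CVE-2023-5009 and its fix.

Added example, not GitLab's code: the user directory, permission names, the
bot name and the policy-file commits below are all constructed.
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Commit:
    """A commit touching the scan-execution policy file."""
    sha: str
    committer_email: str  # self-asserted: set by 'git config user.email'
    pushed_by: str        # username the server authenticated on push


@dataclass(frozen=True)
class User:
    username: str
    email: str
    permissions: frozenset


class PipelineIdentityError(Exception):
    """No safe identity is available to run the scan pipeline."""


# Constructed project membership (hypothetical users and permission names).
MAINTAINER = User("maintainer", "maintainer@example.com",
                  frozenset({"read", "write", "admin", "read_secrets"}))
CONTRIBUTOR = User("contributor", "contributor@example.com",
                   frozenset({"read"}))
SCAN_BOT = User("security-policy-bot", "bot@example.invalid",
                frozenset({"read", "run_scanners"}))
USERS_BY_EMAIL = {u.email: u for u in (MAINTAINER, CONTRIBUTOR)}
USERS_BY_NAME = {u.username: u for u in (MAINTAINER, CONTRIBUTOR)}


def resolve_actor_vulnerable(commit: Commit) -> User:
    """Pre-fix logic: run the scan as the policy file's last committer.

    The committer email is git metadata the pusher controls, so a
    low-privilege user who sets another member's email obtains that
    member's permissions for the scan pipeline.
    """
    return USERS_BY_EMAIL[commit.committer_email]


def resolve_actor_fixed(bot: Optional[User]) -> User:
    """Post-fix logic: run the scan as a dedicated, least-privileged bot.

    Fails closed: if the bot has been removed from the group, refuse to run
    rather than fall back to the committer-based path.
    """
    if bot is None:
        raise PipelineIdentityError("scan bot missing from group; refusing to run")
    return bot


def committer_mismatch(commit: Commit) -> bool:
    """Audit check: does the self-asserted committer differ from the
    authenticated pusher? True for a spoofed policy-file commit."""
    pusher = USERS_BY_NAME[commit.pushed_by]
    return pusher.email != commit.committer_email


def scan_permissions(commit: Commit, fixed: bool,
                     bot: Optional[User] = SCAN_BOT) -> frozenset:
    """Permissions the scan pipeline would run with under each model."""
    actor = resolve_actor_fixed(bot) if fixed else resolve_actor_vulnerable(commit)
    return actor.permissions


# Constructed scenario: the contributor pushes a policy-file commit whose
# committer email has been set to the maintainer's.
SPOOFED = Commit(sha="deadbeef", committer_email="maintainer@example.com",
                 pushed_by="contributor")

if __name__ == "__main__":
    print("vulnerable:", sorted(scan_permissions(SPOOFED, fixed=False)))
    print("fixed:     ", sorted(scan_permissions(SPOOFED, fixed=True)))
    print("spoofed?   ", committer_mismatch(SPOOFED))
    try:
        scan_permissions(SPOOFED, fixed=True, bot=None)
    except PipelineIdentityError as exc:
        print("bot removed:", exc)
```

The point of `committer_mismatch` is that a server always knows who authenticated on the push, while author and committer fields are free-form; any authorization decision in a CI or policy engine should key off the former. The fail-closed branch in `resolve_actor_fixed` is what separates a real fix from one that silently reverts to the vulnerable path when its prerequisite (the bot account) disappears.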
GitLab has released fixed versions 16.3.4 and 16.2.7 for Community Edition and Enterprise Edition. All versions from 13.12 before 16.2.7 and from 16.3 before 16.3.4 are affected; successful exploitation requires that both the Direct transfers and the Security policies features are enabled, so administrators who cannot upgrade immediately can disable one of them as a temporary mitigation.
"We strongly recommend that all GitLab installations be upgraded to one of these versions immediately. GitLab.com is already running the patched version," said Nick Malcolm, senior application security engineer at GitLab.
News URL: https://www.helpnetsecurity.com/2023/09/22/cve-2023-5009/
Related news
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products
- Hackers target critical zero-day vulnerability in PTZ cameras
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
- Patch Tuesday: Four Critical Vulnerabilities Paved Over
- PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs and Patch Released
- Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites