Security News > 2024 > October > Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
2024-10-09 12:32
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script that may help attackers gain access as any user on GitLab. About CVE-2024-45409 GitLab is a popular software development platform that can be deployed by users on on-premises servers, Kubernetes, or with a cloud provider. CVE-2024-45409 is a critical authentication bypass … More → The post Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/09/exploit-cve-2024-45409/
Related news
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files (source)
- Researchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOS (source)
- Critical security hole in Apache Struts under exploit (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Adobe warns of critical ColdFusion bug with PoC exploit code (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- New UEFI Secure Boot bypass vulnerability discovered (CVE-2024-7344) (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-09-10 | CVE-2024-45409 | The Ruby SAML library is for implementing the client side of a SAML authorization. | 9.8 |