Vulnerabilities > CVE-2020-10074 - Unspecified vulnerability in Gitlab

047910
CVSS 9.8 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
gitlab
critical
NVD
Published: 2020-03-13
Updated: 2020-03-18

Summary

GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.

Vulnerable Configurations

Part Description Count
Application
Gitlab
724

References