Vulnerabilities > CVE-2020-10074 - Unspecified vulnerability in Gitlab

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
gitlab
NVD
Published: 2020-03-13
Updated: 2020-03-18

Summary

GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link.

Vulnerable Configurations

Part Description Count
Application
Gitlab
721

References