Vulnerabilities > CVE-2020-13282 - Improper Preservation of Permissions vulnerability in Gitlab

047910
CVSS 3.5 - LOW
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
gitlab
CWE-281
NVD
Published: 2020-08-13
Updated: 2020-08-19

Summary

For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.

Vulnerable Configurations

Part Description Count
Application
Gitlab
733

Common Weakness Enumeration (CWE)

References