Vulnerabilities > CVE-2020-6832 - Unspecified vulnerability in Gitlab

047910
CVSS 5.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
network
low complexity
gitlab
nessus
NVD
Published: 2020-01-13
Updated: 2021-07-21

Summary

An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects.

Vulnerable Configurations

Part Description Count
Application
Gitlab
1179

Nessus

NASL familyFreeBSD Local Security Checks
NASL idFREEBSD_PKG_F929B172369E11EA9CDB001B217B3468.NASL
descriptionGitlab reports : Private objects exposed through project importi
last seen2020-06-01
modified2020-06-02
plugin id132880
published2020-01-15
reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/132880
titleFreeBSD : Gitlab -- Private objects exposed through project import (f929b172-369e-11ea-9cdb-001b217b3468)

References