Vulnerabilities > CVE-2021-22236 - Incorrect Authorization vulnerability in Gitlab 14.1.0/14.1.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Due to improper handling of OAuth client IDs, new subscriptions generated OAuth tokens on an incorrect OAuth client application. This vulnerability is present in GitLab CE/EE since version 14.1.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |