Urgent: GitLab Releases Patch for Critical Vulnerabilities

GitLab has released security updates to address two critical vulnerabilities, including one that could be exploited to take over accounts without requiring any user interaction.

Tracked as CVE-2023-7028, the flaw has been assigned the maximum severity score of 10.0 on the CVSS scale and could enable account takeover by sending password reset emails to an unverified email address.

The DevSecOps platform said the vulnerability stems from a bug in the email verification process, which allowed users to reset their password via a secondary email address.

It affects all self-managed instances of GitLab Community Edition (CE) and Enterprise Edition (EE) running the versions below:

  • 16.1 prior to 16.1.6
  • 16.2 prior to 16.2.9
  • 16.3 prior to 16.3.7
  • 16.4 prior to 16.4.5
  • 16.5 prior to 16.5.6
  • 16.6 prior to 16.6.4
  • 16.7 prior to 16.7.2

GitLab said it addressed the issue in GitLab versions 16.5.6, 16.6.4, and 16.7.2, in addition to backporting the fix to versions 16.1.6, 16.2.9, 16.3.7, and 16.4.5. The company further noted that the bug was introduced in 16.1.0 on May 1, 2023.

“Within these versions, all authentication mechanisms are impacted,” GitLab said. “Additionally, users who have two-factor authentication enabled are vulnerable to password reset but not account takeover, as their second authentication factor is required to log in.”

Also patched by GitLab as part of the latest update is another critical flaw (CVE-2023-5356, CVSS score: 9.6), which allows a user to abuse Slack/Mattermost integrations to execute slash commands as another user.

To mitigate any potential threats, it is recommended to upgrade instances to a patched version as soon as possible and to enable 2FA, if not already, particularly for users with elevated privileges.
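The affected ranges, patched versions and 2FA note above translate directly into an inventory check. The script below is an added example, not GitLab's own code: it encodes the advisory's version table and, for a version string as reported by an instance (the `-ee`/`-ce` suffix is tolerated), says whether the instance is in an affected range, which patched release of its branch to move to, and what impact the advisory describes for accounts with and without 2FA. The function names and the sample inventory are this example's own.

```python
"""Check a self-managed GitLab version against the CVE-2023-7028 ranges listed above.

Added example, not GitLab's own code; the ranges and the 16.1.0 start point are
taken from the advisory text, the function names are this example's own.
"""
from __future__ import annotations

# Release branch (major, minor) -> first patched version in that branch, per the advisory.
FIXED_VERSIONS: dict[tuple[int, int], tuple[int, int, int]] = {
    (16, 1): (16, 1, 6),
    (16, 2): (16, 2, 9),
    (16, 3): (16, 3, 7),
    (16, 4): (16, 4, 5),
    (16, 5): (16, 5, 6),
    (16, 6): (16, 6, 4),
    (16, 7): (16, 7, 2),
}
FIRST_AFFECTED = (16, 1, 0)  # the advisory states the bug was introduced in 16.1.0


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH', tolerating an edition suffix such as '16.7.1-ee'."""
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def assess(version_text: str, two_factor_enabled: bool = False) -> dict:
    """Return whether the version is in an affected range, the patched version to
    move to, and the impact the advisory describes with and without 2FA."""
    version = parse_version(version_text)
    fixed = FIXED_VERSIONS.get(version[:2])
    result = {"version": version_text, "affected": False, "upgrade_to": None, "impact": "none"}

    if version < FIRST_AFFECTED:
        result["note"] = "predates 16.1.0, where the bug was introduced"
    elif fixed is None:
        # A branch the advisory does not list (e.g. 16.8+): consult the vendor
        # advisory directly rather than assuming it is unaffected.
        result["note"] = "release branch not listed in the advisory"
    elif version < fixed:
        result["affected"] = True
        result["upgrade_to"] = ".".join(str(n) for n in fixed)
        result["impact"] = (
            "password reset only; second factor still required to log in"
            if two_factor_enabled
            else "account takeover via password reset to an unverified email"
        )
        result["note"] = "upgrade as soon as possible; enable 2FA for privileged users"
    else:
        result["note"] = "at or above the patched version for this branch"
    return result


if __name__ == "__main__":
    # Constructed sample inventory: instance name -> version the instance reports.
    inventory = {"ci-prod": "16.7.1-ee", "ci-staging": "16.4.5", "legacy": "16.0.8-ce"}
    for name, ver in inventory.items():
        r = assess(ver, two_factor_enabled=(name == "ci-prod"))
        print(f"{name:11} {ver:10} affected={r['affected']!s:5} "
              f"upgrade_to={r['upgrade_to']} impact={r['impact']}")
```

Versions below 16.1.0 are reported as predating the bug, and branches the advisory does not list are flagged for a manual check rather than declared safe, since the table only covers what the advisory states.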
