Lucene search
HistoryMay 13, 2014 - 3:55 p.m.
CVE-2013-4546
cve-2013-4546
gitlab
security
vulnerability
gitlab-shell
remote code execution
nvd
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.4%
The repository import feature in gitlab-shell before 1.7.4, as used in GitLab, allows remote authenticated users to execute arbitrary commands via the import URL.
Affected configurations
Node
gitlabgitlabMatch5.0.0
ORgitlabgitlabMatch5.0.1
ORgitlabgitlabMatch5.1.0
ORgitlabgitlabMatch5.2.0
ORgitlabgitlabMatch5.3.0
ORgitlabgitlabMatch5.4.0
ORgitlabgitlabMatch5.4.1
ORgitlabgitlabMatch5.4.2
ORgitlabgitlabMatch6.0.0
ORgitlabgitlabMatch6.1.0
ORgitlabgitlabMatch6.2.0
ORgitlabgitlabMatch6.2.1
ORgitlabgitlabMatch6.2.2
ORgitlabgitlab-shellRange≤1.7.3
ORgitlabgitlab-shellMatch1.0.4
ORgitlabgitlab-shellMatch1.1.0
ORgitlabgitlab-shellMatch1.2.0
ORgitlabgitlab-shellMatch1.3.0
ORgitlabgitlab-shellMatch1.4.0
ORgitlabgitlab-shellMatch1.5.0
ORgitlabgitlab-shellMatch1.6.0
ORgitlabgitlab-shellMatch1.7.0
ORgitlabgitlab-shellMatch1.7.1
ORgitlabgitlab-shellMatch1.7.2
Related
debiancve
debiancve
CVE-2013-4546
2014-05-13 15:55:04
prion
prion
Design/Logic Flaw
2014-05-13 15:55:00
cvelist
cvelist
CVE-2013-4546
2014-05-13 15:00:00
nvd
nvd
CVE-2013-4546
2014-05-13 15:55:04
openvas
openvas
GitLab Community Edition 4.2.x - 5.4.0, 6.x - 6.2.2 Multiple Vulnerabilities
2022-03-28 00:00:00
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.4 High
AI Score
Confidence
Low
0.003 Low
EPSS
Percentile
68.4%
Related for CVE-2013-4546