CVE-2024-3127

🗓️ 22 Aug 2024 15:31:07Reported by GitLabType

Improper Access Control in GitLab EE version 12.5 to 17.3.

Reporter	Title	Published	Views	Family All 16
Circl	CVE-2024-3127	22 Aug 202419:23	–	circl
CNNVD	GitLab Enterprise Edition 安全漏洞	22 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-3127 Improper Access Control in GitLab	22 Aug 202415:31	–	cvelist
Debian CVE	CVE-2024-3127	22 Aug 202415:31	–	debiancve
EUVD	EUVD-2024-31728	3 Oct 202520:07	–	euvd
Tenable Nessus	FreeBSD : Gitlab -- vulnerabilities (49ef501c-62b6-11ef-bba5-2cf05da270f3)	25 Aug 202400:00	–	nessus
Tenable Nessus	GitLab 12.5 < 17.1.6 / 17.2 < 17.2.4 / 17.3 < 17.3.1 (CVE-2024-3127)	22 Aug 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2024-3127	27 Aug 202500:00	–	nessus
NVD	CVE-2024-3127	22 Aug 202416:15	–	nvd
OSV	BIT-GITLAB-2024-3127 Improper Access Control in GitLab	26 Aug 202408:32	–	osv

NVD

Vulners

Node

gitlab gitlabRange12.5.0–17.1.6community

gitlab gitlabRange12.5.0–17.1.6enterprise

gitlab gitlabRange17.2.0–17.2.4community

gitlab gitlabRange17.2.0–17.2.4enterprise

gitlab gitlabMatch17.3.0community

gitlab gitlabMatch17.3.0enterprise

[
  {
    "cpes": [
      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
    ],
    "defaultStatus": "unaffected",
    "product": "GitLab",
    "repo": "git://[email protected]:gitlab-org/gitlab.git",
    "vendor": "GitLab",
    "versions": [
      {
        "lessThan": "17.1.6",
        "status": "affected",
        "version": "12.5",
        "versionType": "semver"
      },
      {
        "lessThan": "17.2.4",
        "status": "affected",
        "version": "17.2",
        "versionType": "semver"
      },
      {
        "lessThan": "17.3.1",
        "status": "affected",
        "version": "17.3",
        "versionType": "semver"
      }
    ]
  }
]

Source	Link
hackerone	www.hackerone.com/reports/2395169
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/452640

13 Dec 2024 16:11Current

4.5Medium risk

Vulners AI Score4.5

CVSS 3.14.3

EPSS0.00325

SSVC