Lucene search
GitLabCVELIST:CVE-2021-22176HistoryMar 24, 2021 - 4:46 p.m.
CVE-2021-22176
2021-03-2416:46:05
GitLab
www.cve.org
7
gitlab access control
demoted members
merge requests
security issue
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.6%
An issue has been discovered in GitLab affecting all versions starting with 3.0.1. Improper access control allows demoted project members to access details on authored merge requests
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.8.0, <13.8.4"
},
{
"status": "affected",
"version": ">=13.7.0, <13.7.7"
},
{
"status": "affected",
"version": ">=3.0.1, <13.6.7"
}
]
}
]Related
osv
osv
CVE-2021-22176
2021-03-24 17:15:13
BIT-gitlab-2021-22176
2024-03-06 11:20:34
nvd
nvd
CVE-2021-22176
2021-03-24 17:15:13
ubuntucve
ubuntucve
CVE-2021-22176
2021-03-24 00:00:00
veracode
veracode
Incorrect Authorization
2023-08-06 14:25:13
prion
prion
Improper access control
2021-03-24 17:15:00
nessus
nessus
GitLab 3.0.1 < 13.6.7 / 13.7.0 < 13.7.7 / 13.8.0 < 13.8.4 (CVE-2021-22176)
2024-05-17 00:00:00
debiancve
debiancve
CVE-2021-22176
2021-03-24 17:15:13
cve
cve
CVE-2021-22176
2021-03-24 17:15:13
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AI Score
4.6
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for CVELIST:CVE-2021-22176