Lucene search
GitLabCVELIST:CVE-2021-22237HistoryAug 25, 2021 - 6:37 p.m.
CVE-2021-22237
2021-08-2518:37:19
GitLab
www.cve.org
10
gitlab
vulnerability
unauthorized actions
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
22.7%
Under specialized conditions, GitLab may allow a user with an impersonation token to perform Git actions even if impersonation is disabled. This vulnerability is present in GitLab CE/EE versions before 13.12.9, 14.0.7, 14.1.2
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.1, <13.12.9"
},
{
"status": "affected",
"version": ">=14.0, <14.0.7"
},
{
"status": "affected",
"version": ">=14.1, <14.1.2"
}
]
}
]Related
nessus
nessus
GitLab 13.1 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22237)
2024-01-02 00:00:00
FreeBSD : Gitlab -- Gitlab (1d651770-f4f5-11eb-ba49-001b217b3468)
2021-08-05 00:00:00
ubuntucve
ubuntucve
CVE-2021-22237
2021-08-25 00:00:00
nvd
nvd
CVE-2021-22237
2021-08-25 19:15:10
cve
cve
CVE-2021-22237
2021-08-25 19:15:10
osv
osv
BIT-gitlab-2021-22237
2024-03-06 11:19:26
CVE-2021-22237
2021-08-25 19:15:10
veracode
veracode
Authorization Bypass
2023-08-06 14:37:00
prion
prion
Design/Logic Flaw
2021-08-25 19:15:00
debiancve
debiancve
CVE-2021-22237
2021-08-25 19:15:10
freebsd
freebsd
Gitlab -- Gitlab
2021-08-03 00:00:00
archlinux
archlinux
[ASA-202108-7] gitlab: multiple issues
2021-08-10 00:00:00
CVSS3
6.6
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
6.6
Confidence
High
EPSS
0.001
Percentile
22.7%
Related for CVELIST:CVE-2021-22237