Lucene search
GitLabCVELIST:CVE-2021-22253HistoryAug 23, 2021 - 7:34 p.m.
CVE-2021-22253
2021-08-2319:34:47
GitLab
www.cve.org
4
gitlab ee
unauthorized deployments
improper authorization
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
38.5%
Improper authorization in GitLab EE affecting all versions since 13.4 allowed a user who previously had the necessary access to trigger deployments to protected environments under specific conditions after the access has been removed
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=13.4, <13.12.9"
},
{
"status": "affected",
"version": ">=14.0, <14.0.7"
},
{
"status": "affected",
"version": ">=14.1, <14.1.2"
}
]
}
]Related
debiancve
debiancve
CVE-2021-22253
2021-08-23 20:15:13
ubuntucve
ubuntucve
CVE-2021-22253
2021-08-23 00:00:00
prion
prion
Authorization
2021-08-23 20:15:00
osv
osv
CVE-2021-22253
2021-08-23 20:15:13
BIT-gitlab-2021-22253
2024-03-06 11:19:06
nessus
nessus
GitLab 13.4 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22253)
2024-01-03 00:00:00
nvd
nvd
CVE-2021-22253
2021-08-23 20:15:13
cve
cve
CVE-2021-22253
2021-08-23 20:15:13
CVSS3
4.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
38.5%
Related for CVELIST:CVE-2021-22253