Lucene search
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.GITLAB_CVE-2024-1495.NASLHistoryJun 12, 2024 - 12:00 a.m.
GitLab 13.1 < 16.10.7 / 16.11 < 16.11.4 / 17.0 < 17.0.2 (CVE-2024-1495)
2024-06-1200:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
gitlab
vulnerability
denial of service
malicious file
cve-2024-1495
remote host
nessus
scanner
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
15.6%
The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7, starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. It was possible for an attacker to cause a denial of service using maliciously crafted file. (CVE-2024-1495)
Note that Nessus has not tested for this issue but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(200446);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/06/14");
script_cve_id("CVE-2024-1495");
script_xref(name:"IAVA", value:"2024-A-0358");
script_name(english:"GitLab 13.1 < 16.10.7 / 16.11 < 16.11.4 / 17.0 < 17.0.2 (CVE-2024-1495)");
script_set_attribute(attribute:"synopsis", value:
"The version of GitLab installed on the remote host is affected by a vulnerability.");
script_set_attribute(attribute:"description", value:
"The version of GitLab installed on the remote host is affected by a vulnerability, as follows:
- An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to 16.10.7,
starting from 16.11 prior to 16.11.4, and starting from 17.0 prior to 17.0.2. It was possible for an
attacker to cause a denial of service using maliciously crafted file. (CVE-2024-1495)
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
number.");
# https://gitlab.com/gitlab-org/cves/-/blob/master/2024/CVE-2024-1495.json
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?23fdafac");
script_set_attribute(attribute:"see_also", value:"https://gitlab.com/gitlab-org/gitlab/-/issues/441807");
script_set_attribute(attribute:"see_also", value:"https://hackerone.com/reports/2359528");
# https://about.gitlab.com/releases/2024/06/12/patch-release-gitlab-17-0-2-released/#redos-in-gomod-dependency-linker
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?458bcdc6");
script_set_attribute(attribute:"solution", value:
"Upgrade to GitLab version 16.10.7, 16.11.4, 17.0.2 or later.");
script_set_attribute(attribute:"agent", value:"unix");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2024-1495");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2024/06/12");
script_set_attribute(attribute:"patch_publication_date", value:"2024/06/12");
script_set_attribute(attribute:"plugin_publication_date", value:"2024/06/12");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:gitlab:gitlab");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"II");
script_set_attribute(attribute:"thorough_tests", value:"true");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"CGI abuses");
script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("gitlab_webui_detect.nbin", "gitlab_nix_installed.nbin");
script_require_keys("installed_sw/GitLab");
exit(0);
}
include('vcf.inc');
var app = 'GitLab';
var app_info = vcf::combined_get_app_info(app:app);
if (report_paranoia < 2 && max_index(app_info.parsed_version[0]) < 3 && (app_info.version =~ "^16\.(10|11)$" || app_info.version =~ "^17\.(0)$"))
if (!empty_or_null(app_info.port))
audit(AUDIT_POTENTIAL_VULN, app, app_info.version, app_info.port);
else
audit(AUDIT_POTENTIAL_VULN, app, app_info.version);
var constraints = [
{ 'min_version' : '13.1', 'fixed_version' : '16.10.7' },
{ 'min_version' : '16.11', 'fixed_version' : '16.11.4' },
{ 'min_version' : '17.0', 'fixed_version' : '17.0.2' }
];
vcf::check_version_and_report(
app_info:app_info,
constraints:constraints,
severity:SECURITY_WARNING
);
Related
nvd
nvd
CVE-2024-1495
2024-06-12 23:15:49
debiancve
debiancve
CVE-2024-1495
2024-06-12 23:15:49
vulnrichment
vulnrichment
CVE-2024-1495 Uncontrolled Resource Consumption in GitLab
2024-06-12 23:02:16
osv
osv
BIT-gitlab-2024-1495
2024-06-17 07:24:07
cve
cve
CVE-2024-1495
2024-06-12 23:15:49
cvelist
cvelist
CVE-2024-1495 Uncontrolled Resource Consumption in GitLab
2024-06-12 23:02:16
ubuntucve
ubuntucve
CVE-2024-1495
2024-06-12 00:00:00
freebsd
freebsd
Gitlab -- Vulnerabilities
2024-06-12 00:00:00
nessus
nessus
FreeBSD : Gitlab -- Vulnerabilities (92cd1c03-2940-11ef-bc02-001b217b3468)
2024-06-13 00:00:00
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
0.0004 Low
EPSS
Percentile
15.6%
Related for GITLAB_CVE-2024-1495.NASL