Lucene search

CVE-2021-22186

🗓️ 24 Mar 2021 17:14:15Reported by [email protected]Type

An authorization issue in GitLab CE/EE version 9.4 and up allowed group maintainer to modify group CI/CD variables restricted to group owners

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
OSV	CVE-2021-22186	24 Mar 202117:15	–	osv
OSV	BIT-gitlab-2021-22186	6 Mar 202411:20	–	osv
CVE	CVE-2021-22186	24 Mar 202117:15	–	cve
CNVD	GitLab CE/EE Authorization Issues Vulnerability	25 Mar 202100:00	–	cnvd
Cvelist	CVE-2021-22186	24 Mar 202116:42	–	cvelist
Prion	Authorization	24 Mar 202117:15	–	prion
UbuntuCve	CVE-2021-22186	24 Mar 202100:00	–	ubuntucve
Tenable Nessus	GitLab 9.4 < 13.7.8 / 13.8 < 13.8.5 / 13.9 < 13.9.2 (CVE-2021-22186)	17 May 202400:00	–	nessus
Tenable Nessus	FreeBSD : Gitlab -- Multiple vulnerabilities (8bf856ea-7df7-11eb-9aad-001b217b3468)	8 Mar 202100:00	–	nessus
Veracode	Incorrect Authorization	6 Aug 202314:27	–	veracode

Nvd

Node

gitlab gitlabRange9.4.0–13.7.8community

gitlab gitlabRange9.4.0–13.7.8enterprise

gitlab gitlabRange13.8.0–13.8.5community

gitlab gitlabRange13.8.0–13.8.5enterprise

gitlab gitlabRange13.9.0–13.9.2community

gitlab gitlabRange13.9.0–13.9.2enterprise

Source	Link
gitlab	www.gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22186.json
gitlab	www.gitlab.com/gitlab-org/gitlab/-/issues/321653

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Mar 2021 17:15Current

CVSS24

CVSS34.9

EPSS0.00145

CWE-863