Lucene search

PRIOn knowledge basePRION:CVE-2023-1621

HistoryJun 06, 2023 - 8:15 p.m.

Design/Logic Flaw

2023-06-0620:15:00

PRIOn knowledge base

www.prio-n.com

gitlab

security vulnerability

unauthorized commit

restricted ip

nvd

6.4 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

50.5%

JSON

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to commit to projects even from a restricted IP address.

CPENameOperatorVersion
gitlabge12.0.0
gitlablt15.10.5
gitlabge15.11.0
gitlablt15.11.1

Name	Operator	Version
gitlab	ge	12.0.0
gitlab	lt	15.10.5
gitlab	ge	15.11.0
gitlab	lt	15.11.1

References

gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-1621.json

gitlab.com/gitlab-org/gitlab/-/issues/399774

hackerone.com/reports/1914049