Lucene search
PRIOn knowledge basePRION:CVE-2024-1525HistoryFeb 22, 2024 - 12:15 a.m.
Default credentials
2024-02-2200:15:00
PRIOn knowledge base
www.prio-n.com
3
default credentials
gitlab
ldap
vulnerability
version 16.1
version 16.7.6
version 16.8.3
version 16.9.1
secondary email
direct authentication
password reset
nvd
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.1 before 16.7.6, all versions starting from 16.8 before 16.8.3, all versions starting from 16.9 before 16.9.1. Under some specialized conditions, an LDAP user may be able to reset their password using their verified secondary email address and sign-in using direct authentication with the reset password, bypassing LDAP.
Related
cve
cve
CVE-2024-1525
2024-02-22 00:15:52
osv
osv
CVE-2024-1525
2024-02-22 00:15:52
BIT-gitlab-2024-1525
2024-03-06 10:52:18
nessus
nessus
GitLab 16.1 < 16.7.6 / 16.8 < 16.8.3 / 16.9 < 16.9.1 (CVE-2024-1525)
2024-05-03 00:00:00
FreeBSD : Gitlab -- Vulnerabilities (03bf5157-d145-11ee-acee-001b217b3468)
2024-02-22 00:00:00
cvelist
cvelist
CVE-2024-1525 Improper Access Control in GitLab
2024-02-21 23:30:44
ubuntucve
ubuntucve
CVE-2024-1525
2024-02-22 00:00:00
nvd
nvd
CVE-2024-1525
2024-02-22 00:15:52
debiancve
debiancve
CVE-2024-1525
2024-02-22 00:15:52
freebsd
freebsd
Gitlab -- Vulnerabilities
2024-02-21 00:00:00