Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 10:49 p.m.17 views

CVE-2022-1162

A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 allowing attackers to potentially take over accounts...

9.8CVSS6.6AI score0.76177EPSS
Exploits3References1
Check Point Advisories
Check Point Advisories
added 2022/11/23 12:0 a.m.15 views

GitLab Hardcoded Credentials (CVE-2022-1162)

A hardcoded credentials vulnerability exists in GitLab. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

7.5CVSS5.1AI score0.76177EPSS
Exploits3
Exploit DB
Exploit DB
added 2022/04/26 12:0 a.m.678 views

Gitlab 14.9 - Authentication Bypass

Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...

9.8CVSS9.8AI score0.76177EPSS
Exploits3
Packet Storm
Packet Storm
added 2022/04/26 12:0 a.m.263 views

Gitlab 14.9 Authentication Bypass

Exploit Title: Gitlab 14.9 - Authentication Bypass Date: 12/04/2022 Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to...

9.8CVSS0.1AI score0.76177EPSS
Exploits3
0day.today
0day.today
added 2022/04/26 12:0 a.m.271 views

Gitlab 14.9 - Authentication Bypass Vulnerability

Exploit Title: Gitlab 14.9 - Authentication Bypass Exploit Authors: Greenwolf & stacksmashing Vendor Homepage: https://about.gitlab.com/ Software Link: https://about.gitlab.com/install Version: GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2 Tested on:...

9.8CVSS0.3AI score0.76177EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2022/04/18 12:0 a.m.130 views

GitLab 14.7 < 14.7.7 / 14.8 < 14.8.5 / 14.9 < 14.9.2 (CVE-2022-1162)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - A hardcoded password was set for accounts registered using an OmniAuth provider e.g. OAuth, LDAP, SAML in GitLab CE/EE versions 14.7 prior to 14.7.7, 14.8 prior to 14.8.5, and 14.9 prior to 14.9.2...

9.8CVSS8.6AI score0.76177EPSS
Exploits3References3
Malwarebytes
Malwarebytes
added 2022/04/05 8:56 a.m.33 views

GitLab issues security updates; watch out for hard coded passwords

GitLab has issued several critical security updates, with users of the version control software urged to upgrade their installations as soon as possible. One of the fixes is for a hard coded password issue. What is distributed version control? Distributed version control is a way for an...

7.5CVSS9.7AI score0.76177EPSS
Exploits3
CVE
CVE
added 2022/04/04 7:46 p.m.186 views

CVE-2022-1162

GitLab CVE-2022-1162 affects GitLab CE/EE versions 14.7 before 14.7.7, 14.8 before 14.8.5, and 14.9 before 14.9.2. Root cause: a hardcoded password was set for accounts registered via OmniAuth providers (OAuth, LDAP, SAML), enabling potential account takeover. Impact: high-risk credential exposur...

9.8CVSS9.2AI score0.76177EPSS
Exploits3References3Affected Software1
The Hacker News
The Hacker News
added 2022/04/02 4:3 a.m.65 views

GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts

DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by t...

9.8CVSS1.1AI score0.87369EPSS
Exploits6
Rows per page
Query Builder