Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:7 a.m.9 views

CVE-2023-6680

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication...

8.1CVSS6.6AI score0.00379EPSS
Exploits0References1
NVD
NVD
added 2023/12/15 4:15 p.m.18 views

CVE-2023-6680

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication...

8.1CVSS0.00379EPSS
Exploits0References1
CVE
CVE
added 2023/12/15 4:2 p.m.75 views

CVE-2023-6680

CVE-2023-6680 affects GitLab Enterprise Edition (EE) Smartcard authentication. The issue is an improper certificate validation in the Smartcard authentication flow that, if enabled by an administrator (it is an experimental feature), allows an attacker to authenticate as another user using a publ...

8.1CVSS7.5AI score0.00379EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/12/15 4:2 p.m.19 views

CVE-2023-6680 Improper Certificate Validation in GitLab

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication...

7.4CVSS8.1AI score0.00379EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/12/15 4:2 p.m.33 views

CVE-2023-6680 Improper Certificate Validation in GitLab

An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication...

7.4CVSS8.1AI score0.00379EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.47 views

FreeBSD : Gitlab -- vulnerabilities (e2fb85ce-9a3c-11ee-af26-001b217b3468)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the e2fb85ce-9a3c-11ee-af26-001b217b3468 advisory. - Gitlab reports: Smartcard authentication allows impersonation of arbitrary user using user's...

8.8CVSS6.6AI score0.00733EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2023/12/14 12:0 a.m.22 views

GitLab 11.6 < 16.4.4 / 16.5 < 16.5.4 / 16.6 < 16.6.2 (CVE-2023-6680)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to...

8.1CVSS7.6AI score0.00379EPSS
Exploits0References3
Rows per page
Query Builder