Lucene search

K
thnThe Hacker NewsTHN:D32F81A9F141780751F93F7D72A31ACA
HistorySep 20, 2023 - 7:18 a.m.

GitLab Releases Urgent Security Patches for Critical Vulnerability

2023-09-2007:18:00
The Hacker News
thehackernews.com
108
gitlab
security patch
critical flaw
cve-2023-5009
pipeline
vulnerability
security scan
johan carlsson
cve-2021-22205
threat actor

0.975 High

EPSS

Percentile

100.0%

Critical Vulnerability

GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user.

The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.

β€œIt was possible for an attacker to run pipelines as an arbitrary user via scheduled security scan policies,” GitLab said in an advisory. β€œThis was a bypass of CVE-2023-3932 showing additional impact.”

Successful exploitation of CVE-2023-5009 could allow a threat actor to access sensitive information or leverage the elevated permissions of the impersonated user to modify source code or run arbitrary code on the system, leading to severe consequences.

Security researcher Johan Carlsson (aka joaxcar) has been credited with discovering and reporting the flaw. CVE-2023-3932 was addressed by GitLab in early August 2023.

The new vulnerability has been remediated in GitLab versions 16.3.4 and 16.2.7.

UPCOMING WEBINAR

[Level-Up SaaS Security: A Comprehensive Guide to ITDR and SSPM

](<https://thehacker.news/itdr-saas?source=inside&gt;)

Stay ahead with actionable insights on how ITDR identifies and mitigates threats. Learn about the indispensable role of SSPM in ensuring your identity remains unbreachable.

Supercharge Your Skills

The disclosure comes as a two-year-old critical GitLab bug (CVE-2021-22205, CVSS score: 10.0) continues to be actively exploited by threat actors in real-world attacks.

Earlier this week, Trend Micro revealed that a China-linked adversary known as Earth Lusca is aggressively targeting public-facing servers by weaponizing N-day security flaws, including CVE-2021-22205, to infiltrate victim networks.

It’s highly recommended that users update their GitLab installations to the latest version as soon as possible to safeguard against potential risks.

Found this article interesting? Follow us on Twitter ο‚™ and LinkedIn to read more exclusive content we post.