Lucene search
Veracode Vulnerability DatabaseVERACODE:43604HistoryOct 08, 2023 - 11:51 p.m.
Privilage Escalation
2023-10-0823:51:48
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
gitlab
privilage escalation
vulnerability
pages
unique domain
strings
attacker
software
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
50.9%
gitlab is vulnerable to Privilage Escalation. The vulnerability allows an attacker to take over GitLab Pages with unique domain URLs if they know the added random string.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gitlab:sid | eq | 13.4.7-2 | |
| gitlab:sid | eq | 13.3.9-1 | |
| gitlab:sid | eq | 13.4.7-2 | |
| gitlab:sid | eq | 13.3.9-1 |
Related
cve
cve
CVE-2023-4008
2023-08-03 07:15:13
redhatcve
redhatcve
CVE-2023-4008
2023-10-09 17:56:57
cvelist
cvelist
CVE-2023-4008 Time-of-check Time-of-use (TOCTOU) Race Condition in GitLab
2023-08-03 06:31:21
debiancve
debiancve
CVE-2023-4008
2023-08-03 07:15:13
nessus
nessus
GitLab 15.9 < 16.0.8 / 16.1 < 16.1.3 / 16.2 < 16.2.2 (CVE-2023-4008)
2023-08-01 00:00:00
FreeBSD : Gitlab -- Vulnerabilities (fa239535-30f6-11ee-aef9-001b217b3468)
2023-08-02 00:00:00
prion
prion
Design/Logic Flaw
2023-08-03 07:15:00
ubuntucve
ubuntucve
CVE-2023-4008
2023-08-03 00:00:00
osv
osv
BIT-gitlab-2023-4008
2024-03-06 11:00:30
CVE-2023-4008
2023-08-03 07:15:13
nvd
nvd
CVE-2023-4008
2023-08-03 07:15:13
freebsd
freebsd
Gitlab -- Vulnerabilities
2023-08-01 00:00:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
50.9%
Related for VERACODE:43604