Permissions, Privileges, and Access Controls in Gitlab Community Edition and GitLab Enterprise Edition - CVE-2023-2478
Published: May 5, 2023
Vulnerability identifier: #VU75770
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2023-2478
CWE-ID: CWE-264
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: GitLab, Inc
Affected software:
Gitlab Community Edition
GitLab Enterprise Edition
Gitlab Community Edition
GitLab Enterprise Edition
Detailed vulnerability description
The vulnerability allows a remote user to compromise any project on the instance.
The vulnerability exists due to improper implementation of access permission. Under certain conditions, any GitLab user account on the instance can use a GraphQL endpoint to attach a malicious runner to any project on the instance.
How to mitigate CVE-2023-2478
Install updates from vendor's website.