#VU25100 Incorrect default permissions in GitLab Enterprise Edition - CVE-2020-7977

Cybersecurity Help s.r.o.

Published: 2020-02-10

Vulnerability identifier: #VU25100

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-7977

CWE-ID: CWE-276

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GitLab Enterprise Edition
Universal components / Libraries / Software for developers

Vendor: GitLab, Inc

Description

The vulnerability allows a emote attacker to escalate privileges on the system.

The vulnerability exists due to incorrect default permissions for files and folders that are set by the application. A remote developer of a project can change the pipeline status of a protected branch to any value.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

GitLab Enterprise Edition: 7.12.0 - 12.7.1

External links
https://about.gitlab.com/blog/categories/releases/
https://about.gitlab.com/releases/2020/01/30/security-release-gitlab-12-7-4-released/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in GitLab Enterprise Edition