#VU54096 Improper Certificate Validation in Gitlab Community Edition and GitLab Enterprise Edition - CVE-2021-22218
Vulnerability identifier: #VU54096
Vulnerability risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID:
CWE-ID:
CWE-295
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Gitlab Community Edition
Universal components / Libraries /
Software for developers
GitLab Enterprise Edition
Universal components / Libraries /
Software for developers
Vendor: GitLab, Inc
Description
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to improper handling of x509 certificates. A remote authenticated attacker can spoof author of signed commits.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Gitlab Community Edition: 12.8.0 - 12.8.10, 12.9.0 - 12.9.10, 12.10.0 - 12.10.14, 13.0.0 - 13.0.14, 13.1.0 - 13.10.4, 13.2.0 - 13.2.10, 13.3.0 - 13.3.9, 13.4.0 - 13.4.7, 13.5.0 - 13.5.7, 13.6.0 - 13.6.7, 13.7.0 - 13.7.9, 13.8.0 - 13.8.8, 13.9.0 - 13.9.7, 13.11.0 - 13.11.4, 13.12.0 - 13.12.1
GitLab Enterprise Edition: 12.8.0 - 12.8.10, 12.9.0 - 12.9.10, 12.10.0 - 12.10.14, 13.0.0 - 13.0.14, 13.1.0 - 13.1.10, 13.2.0 - 13.2.10, 13.3.0 - 13.3.9, 13.4.0 - 13.4.7, 13.5.0 - 13.5.7, 13.6.0 - 13.6.7, 13.7.0 - 13.7.9, 13.8.0 - 13.8.8, 13.9.0 - 13.9.7, 13.10.0 - 13.10.4, 13.11.0 - 13.11.4, 13.12.0
External links
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22218.json
https://gitlab.com/gitlab-org/gitlab/-/issues/297665
https://hackerone.com/reports/1077019
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
