CVE-2023-6564 - Vulnerability Details - OpenCVE

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Gitlab	Gitlab

Configuration 1 [-]

OR	cpe:2.3:a:gitlab:gitlab:16.4.3::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:16.5.3::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:16.6.1::::enterprise:::

No data.

References

Link	Providers
https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213

History

Fri, 04 Oct 2024 08:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 03 Oct 2024 07:45:00 +0000

Type	Values Removed	Values Added
Weaknesses	CWE-285

Thu, 03 Oct 2024 06:30:00 +0000

Type	Values Removed	Values Added
Title	Improper Authorization in GitLab	Incorrect Authorization in GitLab
Weaknesses		CWE-863

Thu, 29 Aug 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 29 Aug 2024 15:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:gitlab:gitlab::::::::

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-02-08T11:30:52.438Z

Updated: 2024-10-03T06:23:16.888Z

Reserved: 2023-12-06T20:01:35.486Z

Link: CVE-2023-6564

Vulnrichment

Updated: 2024-08-02T08:35:14.927Z

NVD

Status : Modified

Published: 2024-02-08T12:15:55.767

Modified: 2024-11-21T08:44:06.647

Link: CVE-2023-6564

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6564", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2023-12-06T20:01:35.486Z", "datePublished": "2024-02-08T11:30:52.438Z", "dateUpdated": "2024-10-03T06:23:16.888Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [{"lessThan": "16.4.4", "status": "affected", "version": "16.4.3", "versionType": "semver"}, {"lessThan": "16.5.4", "status": "affected", "version": "16.5.3", "versionType": "semver"}, {"lessThan": "16.6.2", "status": "affected", "version": "16.6.1", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by a GitLab team member"}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-10-03T06:23:16.888Z"}, "references": [{"name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required"], "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213"}], "solutions": [{"lang": "en", "value": "Upgrade to version 16.4.4, 16.5.4 or 16.6.2"}], "title": "Incorrect Authorization in GitLab"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T19:46:07.212089Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:21:52.048Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:35:14.927Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:35:14.927Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T19:46:07.212089Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:40.375Z"}}], "cna": {"title": "Incorrect Authorization in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by a GitLab team member"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "16.4.3", "lessThan": "16.4.4", "versionType": "semver"}, {"status": "affected", "version": "16.5.3", "lessThan": "16.5.4", "versionType": "semver"}, {"status": "affected", "version": "16.6.1", "lessThan": "16.6.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 16.4.4, 16.5.4 or 16.6.2"}], "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-10-03T06:23:16.888Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6564", "state": "PUBLISHED", "dateUpdated": "2024-10-03T06:23:16.888Z", "dateReserved": "2023-12-06T20:01:35.486Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-02-08T11:30:52.438Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:16.4.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6A759830-9D31-4AF5-912F-CA91D6023AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:16.5.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D2A7EFB5-6D86-4034-99EF-78E95E32D155", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:16.6.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "598CF5D0-C052-4794-A66D-45BB6E002212", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en GitLab EE Premium y Ultimate que afecta las versiones 16.4.3, 16.5.3 y 16.6.1. En proyectos que utilizan subgrupos para definir qui\u00e9n puede enviar o fusionar ramas protegidas, es posible que haya habido casos en los que los miembros del subgrupo con el rol de Desarrollador pudieron enviar o fusionar ramas protegidas."}], "id": "CVE-2023-6564", "lastModified": "2024-11-21T08:44:06.647", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cve@gitlab.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-02-08T12:15:55.767", "references": [{"source": "cve@gitlab.com", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "cve@gitlab.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}