CVE-2024-4784 - Vulnerability Details - OpenCVE

An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy.

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Gitlab	Gitlab

Configuration 1 [-]

OR	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

No data.

References

Link	Providers
https://gitlab.com/gitlab-org/gitlab/-/issues/461248
https://hackerone.com/reports/2486223

History

Thu, 29 Aug 2024 15:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:gitlab:gitlab::::::::

Fri, 23 Aug 2024 17:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Gitlab Gitlab gitlab
Weaknesses		CWE-287
CPEs		cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
Vendors & Products		Gitlab Gitlab gitlab

Thu, 08 Aug 2024 15:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 08 Aug 2024 10:15:00 +0000

Type	Values Removed	Values Added
Description		An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy.
Title		Authentication Bypass by Primary Weakness in GitLab
Weaknesses		CWE-305
References		https://gitlab.com/gitlab-org/gitlab/-/issues/461248 https://hackerone.com/reports/2486223
Metrics		cvssV3_1 `{'score': 4.2, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-08-08T10:02:19.809Z

Updated: 2024-08-29T15:04:58.457Z

Reserved: 2024-05-10T19:01:57.438Z

Link: CVE-2024-4784

Vulnrichment

Updated: 2024-08-08T14:12:27.840Z

NVD

Status : Analyzed

Published: 2024-08-08T10:15:09.390

Modified: 2024-08-23T16:59:30.430

Link: CVE-2024-4784

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4784", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2024-05-10T19:01:57.438Z", "datePublished": "2024-08-08T10:02:19.809Z", "dateUpdated": "2024-08-29T15:04:58.457Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [{"lessThan": "17.0.6", "status": "affected", "version": "16.7", "versionType": "semver"}, {"lessThan": "17.1.4", "status": "affected", "version": "17.1", "versionType": "semver"}, {"lessThan": "17.2.2", "status": "affected", "version": "17.2", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Thanks [vexin](https://hackerone.com/vexin) for reporting this vulnerability through our HackerOne bug bounty program"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy."}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-305", "description": "CWE-305: Authentication Bypass by Primary Weakness", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:58.457Z"}, "references": [{"name": "GitLab Issue #461248", "tags": ["issue-tracking", "permissions-required"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/461248"}, {"name": "HackerOne Bug Bounty Report #2486223", "tags": ["technical-description", "exploit", "permissions-required"], "url": "https://hackerone.com/reports/2486223"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 17.2.2, 17.1.4, 17.0.6 or above."}], "title": "Authentication Bypass by Primary Weakness in GitLab"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-08T14:12:19.684074Z", "id": "CVE-2024-4784", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T14:12:32.637Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-4784", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-08-08T14:12:19.684074Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-08T14:12:27.840Z"}}], "cna": {"title": "Authentication Bypass by Primary Weakness in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "Thanks [vexin](https://hackerone.com/vexin) for reporting this vulnerability through our HackerOne bug bounty program"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.2, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "16.7", "lessThan": "17.0.6", "versionType": "semver"}, {"status": "affected", "version": "17.1", "lessThan": "17.1.4", "versionType": "semver"}, {"status": "affected", "version": "17.2", "lessThan": "17.2.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to versions 17.2.2, 17.1.4, 17.0.6 or above."}], "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/461248", "name": "GitLab Issue #461248", "tags": ["issue-tracking", "permissions-required"]}, {"url": "https://hackerone.com/reports/2486223", "name": "HackerOne Bug Bounty Report #2486223", "tags": ["technical-description", "exploit", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-305", "description": "CWE-305: Authentication Bypass by Primary Weakness"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:58.457Z"}}}, "cveMetadata": {"cveId": "CVE-2024-4784", "state": "PUBLISHED", "dateUpdated": "2024-08-29T15:04:58.457Z", "dateReserved": "2024-05-10T19:01:57.438Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-08-08T10:02:19.809Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "88D2145D-48F3-40F6-8E31-80DED84A4AA7", "versionEndExcluding": "17.0.6", "versionStartIncluding": "16.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "39754D78-BBE0-41D9-B2AB-5402B32C8ECF", "versionEndExcluding": "17.1.4", "versionStartIncluding": "17.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "matchCriteriaId": "2BE7EFA9-D9B4-4E7E-81B2-597D3DC5756E", "versionEndExcluding": "17.2.2", "versionStartIncluding": "17.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab EE starting from version 16.7 before 17.0.6, version 17.1 before 17.1.4 and 17.2 before 17.2.2 that allowed bypassing the password re-entry requirement to approve a policy."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en GitLab EE a partir de la versi\u00f3n 16.7 anterior a 17.0.6, la versi\u00f3n 17.1 anterior a 17.1.4 y la 17.2 anterior a 17.2.2 que permit\u00eda omitir el requisito de reingreso de contrase\u00f1a para aprobar una pol\u00edtica."}], "id": "CVE-2024-4784", "lastModified": "2024-08-23T16:59:30.430", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.5, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.2, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 2.5, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2024-08-08T10:15:09.390", "references": [{"source": "cve@gitlab.com", "tags": ["Broken Link"], "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/461248"}, {"source": "cve@gitlab.com", "tags": ["Permissions Required"], "url": "https://hackerone.com/reports/2486223"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-305"}], "source": "cve@gitlab.com", "type": "Secondary"}]}