CVE-2020-8113

Published: Mar 6, 2020Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

GitLab 10.7 and later through 12.7.2 has Incorrect Access Control.

Affected (4)

Products: Gitlab: Gitlab

1 product

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Gitlab Gitlab	From 10.7.0 to 12.6.8
Gitlab Gitlab	From 12.7.0 to 12.7.2
Gitlab Gitlab	From 10.7.0 to 12.6.8
Gitlab Gitlab	From 12.7.0 to 12.7.2

Related CWEs

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (6)

https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/

Source: cve@mitre.org

Vendor Advisory

https://about.gitlab.com/releases/categories/releases/

Source: cve@mitre.org

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab/issues/31599

Source: cve@mitre.org

Broken Link

https://about.gitlab.com/releases/2020/03/04/gitlab-12-dot-8-dot-2-released/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://about.gitlab.com/releases/categories/releases/

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://gitlab.com/gitlab-org/gitlab/issues/31599

Source: af854a3a-2127-422b-91ae-364da2661108

Broken Link

Timeline

No history available yet.