• 07 3184 7575
  • December 4, 2023

This Cybersecurity Threat Advisory highlights GitLab’s recent critical vulnerability, which security update have been released for. A successful exploitation can allow threat actors to mask themselves as other users during scheduled security scans while they run automated tasks (also known as pipelines). CSB recommends applying the latest GitLab patches as soon as possible.

What is the threat?

The vulnerability discovered is currently being tracked as CVE-2023-5009. It appears to be a bypass of a different vulnerability reported and fixed in August known as CVE-2023-3932. As mentioned, CVE-2023-5009 could allow threat actors to run pipelines on the compromised system as other users after proper exploitation. This was discovered by researcher and bug hunter Johan Carlsson. The affected GitLab versions for this vulnerability include:

  • GitLab Community Edition (CE) 13.12 to 16.2.7 and 16.3 to 16.3.4
  • GitLab Enterprise Edition (EE) 13.12 to 16.2.7 and 16.3 to 16.3.4

Why is it noteworthy?

GitLab is an open-source software project management platform used globally. With a CVE score of 9.3 according to NIST’s National Vulnerability Database, it warrants action to be taken immediately.

What is the exposure or risk?

GitLab’s recent vulnerability can lead to significant exposure and/or risk for its customers. If exploited successfully, it may allow an attacker to impersonate users without their knowledge and run pipelines. This could result in threat actors accessing sensitive data and/or abuse the affected user’s account permissions to run code, modify data or even trigger automated events within GitLab.

What are the recommendations?

  • Apply the latest patches available for GitLab.
  • Perform an audit on user’s permissions within Gitlab.
  • If using before version 16.2, avoid turning on the “Direct transfers” and “Security policies” settings to mitigate this issue.
Previous Post
What is malware?
Next Post
Is cyber insurance a good cyber security mitigation strategy?

Subscribe to our newsletter

Subscribe to our newsletter and get the latest updates on news, technology, tips, and tricks on how to securing your business.

Join Our Newsletter

Please complete this form to create an account, receive email updates and much more.
*Required Fields
Note: It is our responsibility to protect your privacy and we guarantee that your data will be completely confidential.