Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2024-1250

Опубликовано: 12 фев. 2024
Источник: debian
EPSS Низкий

Описание

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to create group access tokens with Owner privileges, which may lead to privilege escalation.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
gitlabnot-affectedpackage

Примечания

  • https://about.gitlab.com/releases/2024/02/07/security-release-gitlab-16-8-2-released/#restrict-group-access-token-creation-for-custom-roles

EPSS

Процентиль: 3%
0.00017
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2024-1250

CVSS3: 6.5
ubuntu
почти 2 года назад

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to create group access tokens with Owner privileges, which may lead to privilege escalation.

nvd логотип

CVE-2024-1250

CVSS3: 6.5
nvd
почти 2 года назад

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to create group access tokens with Owner privileges, which may lead to privilege escalation.

github логотип

GHSA-7x52-3x7c-gwj6

CVSS3: 6.5
github
почти 2 года назад

An issue has been discovered in GitLab EE affecting all versions starting from 16.8 before 16.8.2. When a user is assigned a custom role with manage_group_access_tokens permission, they may be able to create group access tokens with Owner privileges, which may lead to privilege escalation.

fstec логотип

BDU:2024-05545

CVSS3: 6.5
fstec
почти 2 года назад

Уязвимость программной платформы на базе git для совместной работы над кодом GitLab, связанная с небезопасным управлением привилегиями, позволяющая нарушителю повысить свои привилегии

EPSS

Процентиль: 3%
0.00017
Низкий