Saturday, December 7, 2024
HomeCVE/vulnerabilityCritical Gitlab Vulnerability Let Attackers Escalate Privileges

Critical Gitlab Vulnerability Let Attackers Escalate Privileges

Published on

SIEM as a Service

GitLab, a widely used platform for DevOps lifecycle management, has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE).

The updates address multiple vulnerabilities, including a high-severity issue that could allow attackers to escalate privileges via compromised tokens.

The company strongly advises all self-managed GitLab installations to upgrade immediately to the latest versions — 17.6.1, 17.5.3, and 17.4.5.

- Advertisement - SIEM as a Service

GitLab.com has already applied these patches, while GitLab Dedicated customers do not need to take action.

Analyze cyber threats with ANYRUN's powerful sandbox. Black Friday Deals : Get up to 3 Free Licenses.

Privilege Escalation via LFS Tokens

One of the most critical vulnerabilities, assigned CVE-2024-8114, affects all GitLab CE/EE versions from 8.12 up to but not including the patched versions (17.4.5, 17.5.3, and 17.6.1).

This flaw allows attackers to escalate privileges by exploiting a victim’s Personal Access Token (PAT).

The issue has a high CVSS score of 8.2, reflecting its potential to compromise confidentiality and integrity. GitLab has credited security researcher “pwnie” for responsibly reporting the issue through its HackerOne bug bounty program.

Other Security Issues Addressed

In addition to the critical privilege escalation flaw, the patch fixes several medium-severity vulnerabilities, including:

  1. DoS via Malicious cargo.toml Files
    This vulnerability, identified as CVE-2024-8237, allows attackers to craft malicious cargo.toml files that exhaust server resources and cause a denial of service (DoS). It affects versions before the patched updates. GitLab has credited “l33thaxor” for reporting this issue.
  2. Unintended Access to Usage Data via Scoped Tokens
    CVE-2024-11669 involves the overly broad application of token scopes, which could allow unauthorized access to sensitive data. GitLab engineer Dylan Griffith discovered it internally.
  3. DoS via Malicious Harbor Registry Integration
    CVE-2024-8177 could enable denial-of-service attacks through integration with a malicious harbor registry. Security reporter “a92847865” flagged this vulnerability.
  4. Resource Exhaustion via Test_Report API Calls
    CVE-2024-11828 exploits crafted API calls to cause a DoS condition. Researcher “luryus” was credited for uncovering this issue.
  5. Streaming Endpoint Token Revocation Gap
    CVE-2024-11668, discovered internally, could allow unauthorized access to streaming endpoints if tokens were not invalidated after revocation.

To mitigate these risks, GitLab urges all users running affected versions to upgrade as soon as possible.

When no specific deployment type (e.g., source code, omnibus, helm chart) is mentioned, all deployment types are impacted. Regular patching is essential, given GitLab’s commitment to high security standards.

Cybersecurity threats continue to evolve, and GitLab’s proactive approach in addressing vulnerabilities underscores the importance of vigilance and frequent updates. Organizations using GitLab should upgrade without delay to protect against potential exploitation.

Leveraging 2024 MITRE ATT&CK Results for SME & MSP Cybersecurity Leaders – Attend Free Webinar

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...

Russian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom Malware

BlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

DaMAgeCard Attack – New SD Card Attack Lets Hackers Directly Access System Memory

Security researchers have identified a significant vulnerability dubbed "DaMAgeCard Attack" in the new SD...

Deloitte Denies Breach, Claims Only Single System Affected

Ransomware group Brain Cipher claimed to have breached Deloitte UK and threatened to publish...

Top Five Industries Most Frequently Targeted by Phishing Attacks

Researchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top...