CVE-2022-1680: GitLab account takeover vulnerability
“When group SAML SSO is configured, the SCIM feature (available only on Premium+ subscriptions) may allow any owner of a Premium group to invite arbitrary users through their username and email, then change those users’ email addresses via SCIM to an attacker controlled email address and thus – in the absence of 2FA – take over those accounts. It is also possible for the attacker to change the display name and username of the targeted account.” the company said in an advisory.
Affected versions
GitLab Enterprise Edition (EE): all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, and all versions starting from 15.0 before 15.0.1. Only EE is listed because SCIM is a Premium+ feature; it is not shipped in the Community Edition.
Unaffected versions
GitLab Enterprise Edition (EE) 14.9.5, 14.10.4, and 15.0.1, together with the later patch releases of each of those lines.
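Checking a fleet of self-managed instances against the three ranges above by hand is error-prone, so here is an added example (not code from GitLab or from the advisory) that encodes the affected ranges and tests a reported version string against them. The `fetch_instance_version` helper calls the real `GET /api/v4/version` endpoint, which needs an authenticated token; the base URL and token are assumed placeholders, and the version strings in the test are constructed samples, so the range check itself runs offline.

```python
"""Triage helper for CVE-2022-1680 (GitLab EE SCIM account takeover).

Affected ranges, taken from the advisory:
  11.10.0 <= v < 14.9.5
  14.10.0 <= v < 14.10.4
  15.0.0  <= v < 15.0.1
Fixed in 14.9.5, 14.10.4 and 15.0.1.
"""
import json
import re
from typing import Tuple
from urllib.request import Request, urlopen

Version = Tuple[int, int, int]

# (inclusive lower bound, exclusive upper bound) for each affected line.
AFFECTED_RANGES = (
    ((11, 10, 0), (14, 9, 5)),
    ((14, 10, 0), (14, 10, 4)),
    ((15, 0, 0), (15, 0, 1)),
)


def parse_version(text: str) -> Version:
    """Turn a GitLab version string into a comparable tuple.

    GitLab reports versions such as "14.9.4-ee" or "15.0.0-pre"; only the
    numeric major.minor[.patch] prefix matters for the range check, and a
    missing patch component (e.g. "11.10") is treated as .0.
    """
    match = re.match(r"\s*(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not match:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return (int(match.group(1)), int(match.group(2)), int(match.group(3) or 0))


def is_vulnerable(version: str) -> bool:
    """True if the version falls inside any range listed in the advisory."""
    parsed = parse_version(version)
    return any(low <= parsed < high for low, high in AFFECTED_RANGES)


def fetch_instance_version(base_url: str, token: str) -> str:
    """Read the running version from GitLab's /api/v4/version endpoint.

    The endpoint exists in GitLab; it requires an authenticated token, so
    base_url and token are supplied by the caller (placeholders in the
    usage below). Network access is needed here, nowhere else in the file.
    """
    req = Request(
        f"{base_url.rstrip('/')}/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urlopen(req, timeout=10) as resp:
        return json.load(resp)["version"]


def triage(instances: dict) -> dict:
    """Map instance name -> (version, vulnerable?) for an inventory.

    `instances` is {name: version_string}; a real run would fill the
    version strings via fetch_instance_version for each host.
    """
    return {name: (ver, is_vulnerable(ver)) for name, ver in instances.items()}


if __name__ == "__main__":
    # Constructed sample inventory; not real hosts or real responses.
    inventory = {
        "gitlab-prod": "14.9.4-ee",
        "gitlab-staging": "14.10.4-ee",
        "gitlab-legacy": "13.12.15-ee",
        "gitlab-new": "15.0.1-ee",
    }
    for name, (ver, vuln) in triage(inventory).items():
        print(f"{name:16} {ver:14} {'VULNERABLE' if vuln else 'ok'}")
```

Note that the check only tells you whether the code path exists on the instance. Exposure additionally requires a Premium group with SAML SSO configured and, per the advisory, a target account without 2FA, so a "VULNERABLE" result should be read as "patch now" rather than as proof of compromise.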
Solution
GitLab has fixed CVE-2022-1680 in releases 14.9.5, 14.10.4, and 15.0.1. We strongly recommend that all installations running an affected version are upgraded to one of those releases, or a later one, as soon as possible. Until the upgrade is applied, the advisory's own wording points at the compensating control: the takeover works only against accounts without 2FA, so enforcing two-factor authentication on the instance limits exposure, and administrators should know which Premium groups have SAML SSO configured, since the SCIM path exists only there.