CyberSecurityBoard
Sponsor Register Login

Critical GitLab flaw allows account takeover without user interaction, patch quickly!

A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords.
Users who have two-factor authentication enabled on their account are safe from account takeover.
CVE-2023-7028 was reported through the company's bug bounty program and has been fixed in GitLab CE and EE versions 16.7.2, 16.6.4, 16.5.6.
GitLab advises admins of self-managed GitLab instances to upgrade to a patched version immediately, and to enable 2FA for all GitLab accounts.
GitLab.com is already running the patched version, and the company has instituted new security measures to prevent vulnerabilities such as CVE-2023-7028 to crop up in the future.
CVE-2023-5356, a critical bug caused by incorrect authorization checks, which may allow a user to abuse Slack/Mattermost integrations to execute slash commands as another user.
CVE-2023-4812 could allow attackers to bypass the required CODEOWNERS approval by adding changes to a previously approved merge request.
CVE-2023-6955, which may allow an attacker to create a workspace in one group that is associated with an agent from another group, and.
CVE-2023-2030, which could allow an attacker to modify the metadata of signed commits.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Fri, 12 Jan 2024 11:43:05 +0000


Cyber News related to Critical GitLab flaw allows account takeover without user interaction, patch quickly!

15 Best Patch Management Tools - 2025 - What is Good?What Could Be Better?Comprehensive patch management for various operating systems, applications, and third-party software.It is complex for new users and requires time and training to utilize its functionalities fully.Advanced analytics ...
3 weeks ago Cybersecuritynews.com
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
1 year ago Go.theregister.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
GitLab warns of critical zero-click account hijacking vulnerability - GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the ...
1 year ago Bleepingcomputer.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed - Security Boulevard - In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It’s worth mentioning that the issue only impacts self-managed instances; therefore, users of GitLab Dedicated instances do not need to take any ...
5 months ago Securityboulevard.com CVE-2024-45409
Critical GitLab flaw allows account takeover without user interaction, patch quickly! - A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords. Users who have two-factor authentication enabled on their account are safe from account takeover. CVE-2023-7028 was reported through ...
1 year ago Helpnetsecurity.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
GitLab Fixes Password Reset Bug That Allows Account Takeover - GitLab is releasing a patch to fix a vulnerability in its email verification process that bad actors can exploit to reset user passwords and take over accounts. The flaw, CVE-2023-7028, was introduced in May 2023 in GitLab 16.1.0, in which a change ...
1 year ago Securityboulevard.com CVE-2023-7028 CVE-2023-5356
How Patch Management Software Solves the Update Problem - I've never met an IT leader who doesn't know how important patch management is. At Heimdal, we believe patch management software provides the solution to this problem. Patch management software is a technology that allows businesses to automate the ...
8 months ago Heimdalsecurity.com
Critical Apache Log4j2 flaw still threatens global finance - Critical Apache Log4j2 flaw still threatens global finance. CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise ...
9 months ago Securityaffairs.com CVE-2022-38028 CVE-2023-49103 CVE-2023-20198 CVE-2023-40044 APT28 Rocke
Critical unauthenticated RCE flaw in OpenSSH server - MUST READ. Critical unauthenticated remote code execution flaw in OpenSSH server. Expert released PoC exploit code for Veeam Backup Enterprise Manager flaw CVE-2024-29849. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities ...
8 months ago Securityaffairs.com CVE-2024-29849 CVE-2023-49103 CVE-2023-20198 CVE-2023-38831 Rocke
Juniper Networks fixed a critical authentication bypass flaw in some of its routers - MUST READ. Threat actors actively exploit D-Link DIR-859 router flaw CVE-2024-0769. CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog. Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 ...
8 months ago Securityaffairs.com CVE-2024-0769 CVE-2022-38028 CVE-2024-0204 CVE-2023-49103 CVE-2023-38831 CVE-2023-40044 APT28 Rocke
CSO's Guide: Water-Tight Account Security For Your Company - In today's escalating threat landscape, account takeover and credential compromise remain top attack vectors for data breaches. CSOs must mandate and implement robust account security to protect critical assets. This comprehensive guide examines ...
1 year ago Securityboulevard.com
Critical GitLab bug lets attackers run pipelines as any user - A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user. GitLab is a popular web-based open-source software project management and work tracking ...
8 months ago Bleepingcomputer.com CVE-2024-5655 CVE-2024-4901 CVE-2024-4994 CVE-2024-6323
Key software patch testing best practices - To ensure a predictable rollout when a patch is deployed across your network, it is important to test it first in a nonproduction environment. Companies install software and firmware patches to fix bugs, remove vulnerabilities and add new features, ...
11 months ago Techtarget.com
AWS Root vs IAM User: What to Know & When to Use Them - In Amazon Web Services, there are two different privileged accounts. One is defined as Root User and the other is defined as an IAM User. In this blog, I will break down the differences of an AWS Root User versus an IAM account, when to use one ...
2 years ago Beyondtrust.com
Critical GitLab Bug Threatens Software Development Pipelines - A critical GitLab vulnerability could allow an attacker to run a pipeline as another user. GitLab is a popular Git repository, second only to GitHub, with millions of active users. This week, it released new versions of its Community and Enterprise ...
9 months ago Darkreading.com CVE-2024-5655 CVE-2023-7028
Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware - Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. BleepingComputer has learned there is more to this attack, with threat actors ...
1 year ago Bleepingcomputer.com
How to conduct security patch validation and verification - Validation and verification are important steps in the security patch management lifecycle. They help to determine the impact of a patch on the security and efficiency of an organization's IT assets. Patch validation is the process of examining newly ...
11 months ago Techtarget.com
GitLab Warns of Multiple Vulnerabilities Let Attackers Login as Valid User - Security experts recommend that organizations running GitLab implement these updates as soon as possible, especially those using SAML authentication or considering enabling the Direct Transfer feature. The vulnerability can be exploited if an ...
2 weeks ago Cybersecuritynews.com CVE-2025-27407
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
10 months ago Securityaffairs.com CVE-2020-3259 CVE-2024-23897 CVE-2024-0204 CVE-2023-20198 CVE-2023-38831 Rocke
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
10 months ago Securityaffairs.com CVE-2020-3259 CVE-2024-23897 CVE-2024-0204 CVE-2023-20198 CVE-2023-38831 Rocke
Patch Now: Attackers Pummel Critical, Easy-to-Exploit OwnCloud Flaw - Hackers are actively exploiting a critical flaw in the open source ownCloud platform that allows access to access admin passwords, mail server credentials, and license keys, exposing their enterprise to data breaches or other types of malicious ...
1 year ago Darkreading.com CVE-2023-49103 CVE-2023-49105 CVE-2023-49104
Researchers Claim Design Flaw in Google Workspace Puts Organizations at Risk - Google is disputing a security vendor's report this week about an apparent design weakness in Google Workspace that puts users at risk of data theft and other potential security issues. According to Hunters Security, a flaw in Google Workspace's ...
1 year ago Darkreading.com Hunters
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
1 year ago Cisa.gov CVE-2023-48842 CVE-2023-43089 CVE-2023-39226 CVE-2023-46690 CVE-2023-47207 CVE-2023-46886 CVE-2023-48882 CVE-2023-49656 CVE-2023-28896 CVE-2023-48016 CVE-2023-49092 CVE-2023-2266 CVE-2023-2267 CVE-2023-31177 CVE-2023-34388 CVE-2023-34389 CVE-2023-48848 CVE-2023-4398

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)