Get in Touch
GitLab discloses critical path traversal vulnerability
Indiscriminate, opportunistic targeting.
GitLab has disclosed a critical path traversal vulnerability, tracked as CVE-2023-2825 (CVSSv3 Score – 10.0).
Successful exploitation of CVE-2023-2825 could allow an unauthenticated threat actor to read arbitrary files on the target server when an attachment exists in a public project nested within at least five groups. As a result, this could expose sensitive data, including proprietary software code, user credentials, tokens and files.
– GitLab Community Edition (CE) and Enterprise Edition (EE) version 16.0.0
It should be noted that all previous versions are unaffected.
Containment, Mitigations & Remediations
It is strongly recommended that users apply the relevant security update to patch the flaw. Details can be found within the GitLab update page. This involves upgrading to version 16.0.1. At the time of writing, no workarounds exist.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are currently available.
GitLab has a significant portion of the software configuration management market. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, GitLab products could emerge as a prime target. Due to the fact that such software has become an integral aspect of business operations, threat actors will continue to exploit vulnerabilities contained within these systems in an attempt to extract the sensitive information contained therein.
No attribution to specific threat actors or groups has been identified at the time of writing.
– T1083 – File and Directory Discovery