Get in Touch
GitLab discloses critical path traversal vulnerability
Target Industry
Indiscriminate, opportunistic targeting.
Overview
GitLab has disclosed a critical path traversal vulnerability, tracked as CVE-2023-2825 (CVSSv3 Score – 10.0).
Impact
Successful exploitation of CVE-2023-2825 could allow an unauthenticated threat actor to read arbitrary files on the target server when an attachment exists in a public project nested within at least five groups. As a result, this could expose sensitive data, including proprietary software code, user credentials, tokens and files.
Affected Products
– GitLab Community Edition (CE) and Enterprise Edition (EE) version 16.0.0
It should be noted that all previous versions are unaffected.
Containment, Mitigations & Remediations
It is strongly recommended that users apply the relevant security update to patch the flaw. Details can be found within the GitLab update page. This involves upgrading to version 16.0.1. At the time of writing, no workarounds exist.
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are currently available.
Threat Landscape
GitLab has a significant portion of the software configuration management market. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, GitLab products could emerge as a prime target. Due to the fact that such software has become an integral aspect of business operations, threat actors will continue to exploit vulnerabilities contained within these systems in an attempt to extract the sensitive information contained therein.
Threat Group
No attribution to specific threat actors or groups has been identified at the time of writing.
Mitre Methodologies
Discovery Technique
– T1083 – File and Directory Discovery
Further Information