Heimdal
article featured image

Contents:

GitLab disclosed critical vulnerability that enables hackers to run pipelines as other users by leveraging scheduled security scan policies. The platform issued an advisory and urged users to apply available updates as soon as possible.

The GitLab pipeline vulnerability was dubbed CVE-2023-4998 and received a 9.6 CVSS risk score.

More About the GitLab Pipeline Vulnerability Risks

CVE-2023-4998 affects GitLab Community Edition (CE) and Enterprise Edition (EE) versions 13.12 through 16.2.7 and versions 16.3 through 16.3.4.

According to GitLab, it is a bypass of a previous, now fixed medium-severity issue tracked as CVE-2023-3932.

After CVE-2023-3932 was patched in August 2023, researchers found a solution to work around the security mechanism. Their newly found method has an even more damaging impact on the system and raised the severity rating of the CVE to critical.

The new GitLab vulnerability enables hackers to impersonate users and run pipeline tasks under their names. This could grant the attackers:

  • access to sensitive data,
  • permission to run code,
  • the possibility of compromising data integrity.

Consequently, loss of intellectual property, data leakage, and supply chain attacks are some of the risks brought by exploiting the GitLab vulnerability.

Automate the Patch Management Process with Heimdal®

Find out more 30-day Free Trial. Offer valid only for companies.

Security Admins Recommended to Patch Now

Due to the critical severity score, GitLab issued an advisory that urges users to apply the available patches immediately. In this case, automated patch management is the fastest and most effective solution.

Security Admins should update to versions 16.3.4 and 16.2.7 for GitLab Community Edition (CE) and Enterprise Edition (EE). According to GitLab`s statement:

We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible. For versions prior to 16.2, see the mitigations offered below.

In addition, the platform also released recommendations for users of versions before 16.2, for which there is no fix at the moment.

GitLab advises those mentioned above to avoid leaving ”Direct transfers” and ”Security policies” turned on at the same time. Activating both features at the same time makes the user vulnerable to exploiting of CVE-2023-4998.

If you liked this article, follow us on LinkedIn, Twitter, Facebook, and Youtube, for more cybersecurity news and topics.

Author Profile

Livia Gyongyoși

Communications and PR Officer

Livia Gyongyoși is a Communications and PR Officer within Heimdal®, passionate about cybersecurity. Always interested in being up to date with the latest news regarding this domain, Livia's goal is to keep others informed about best practices and solutions that help avoid cyberattacks.

CHECK OUR SUITE OF 11 CYBERSECURITY SOLUTIONS

SEE MORE