Urgent Security Breach in GitLab: Immediate Action Required
TLP: CLEAR
ALERT BULLETIN:
DATE: 01/17/2024
Briefing:
A critical security flaw (CVE-2023-7028) has been identified in both the GitLab Community Edition (CE) and Enterprise Edition (EE). In response, GitLab has urgently deployed critical updates in versions 16.7.2, 16.6.4, and 16.5.6.
CVE-2023-7028 (rated CVSS 10) is a critical vulnerability allowing unauthorized account access through password reset manipulation. Attackers can potentially seize control of accounts by directing password reset emails to unverified email addresses. This vulnerability impacts the following GitLab versions:
- Affected: 16.1 through 16.7.1
- Resolved in the following releases:
  - 16.1.6
  - 16.2.9
  - 16.3.7
  - 16.4.5
  - 16.5.6
  - 16.6.4
  - 16.7.2
A second critical vulnerability (CVE-2023-5356, CVSS 9.6) was addressed in the same release. It involves misuse of the Slack/Mattermost integrations to execute unauthorized slash commands. This issue affects versions 8.13 through 16.7.1 and is remedied in versions 16.5.6, 16.6.4, and 16.7.2.
Active exploitation of CVE-2023-7028 has been observed. GitLab.com itself has already been updated to a fixed version. Accounts with two-factor authentication (2FA) enabled are protected against takeover because the second factor is still required to log in after a password reset. Users without 2FA should enable it promptly.
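Because the two CVEs have different affected ranges and only some 16.x branches received a CVE-2023-5356 fix, checking an instance by hand is easy to get wrong. The following script is an added example, not part of this bulletin or of GitLab's own tooling; it encodes the affected ranges and fixed releases stated above and classifies a version string (as returned by GitLab's `GET /api/v4/version` endpoint) as patched, vulnerable with an upgrade target, or not affected. The version strings and the API payload at the bottom are constructed samples.

```python
# Added example (not from the bulletin or from GitLab): classify a GitLab version
# against the affected ranges and fixed releases this bulletin lists.
# Assumes GitLab's MAJOR.MINOR.PATCH scheme, optionally suffixed with "-ee"/"-ce".
import json
import re
from typing import Dict, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges and per-branch fixed patch levels, as stated in the bulletin.
ADVISORIES = {
    "CVE-2023-7028": {
        "first_affected": (16, 1, 0),
        "last_affected": (16, 7, 1),
        "fixed": {(16, 1): 6, (16, 2): 9, (16, 3): 7, (16, 4): 5,
                  (16, 5): 6, (16, 6): 4, (16, 7): 2},
    },
    "CVE-2023-5356": {
        "first_affected": (8, 13, 0),
        "last_affected": (16, 7, 1),
        "fixed": {(16, 5): 6, (16, 6): 4, (16, 7): 2},
    },
}

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Turn '16.7.1-ee' into (16, 7, 1); reject anything that is not MAJOR.MINOR.PATCH."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def recommended_fix(v: Version, fixed: Dict[Tuple[int, int], int]) -> str:
    """Fixed release on this minor branch or, if the branch got none, the next branch with one."""
    candidates = sorted((branch, patch) for branch, patch in fixed.items() if branch >= v[:2])
    (major, minor), patch = candidates[0]
    return f"{major}.{minor}.{patch}"


def assess(version_text: str) -> Dict[str, Tuple[str, Optional[str]]]:
    """Return {CVE: (status, upgrade target or None)} for a version string."""
    v = parse_version(version_text)
    result = {}
    for cve, adv in ADVISORIES.items():
        fixed_patch = adv["fixed"].get(v[:2])
        if fixed_patch is not None and v[2] >= fixed_patch:
            result[cve] = ("patched", None)           # on a fixed branch, at or past the fix
        elif adv["first_affected"] <= v <= adv["last_affected"]:
            result[cve] = ("vulnerable", recommended_fix(v, adv["fixed"]))
        else:
            result[cve] = ("not affected", None)      # outside the affected range entirely
    return result


def assess_api_payload(payload: str) -> Dict[str, Tuple[str, Optional[str]]]:
    """Assess the JSON body returned by GitLab's GET /api/v4/version endpoint."""
    return assess(json.loads(payload)["version"])


if __name__ == "__main__":
    # Constructed sample of a /api/v4/version response; not captured from a real instance.
    sample = '{"version": "16.6.1-ee", "revision": "0000000"}'
    for cve, (status, target) in assess_api_payload(sample).items():
        print(f"{cve}: {status}" + (f" -> upgrade to {target}" if target else ""))
```

Note the asymmetry the script makes visible: an instance on 16.3.7 is patched for CVE-2023-7028 but still vulnerable to CVE-2023-5356, because that fix only exists on the 16.5, 16.6 and 16.7 branches, so the recommended target jumps to 16.5.6.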
iFlock Security Consulting's Advisory:
For CVE-2023-7028 and CVE-2023-5356, GitLab's FAQ provides insights on the vulnerabilities' impact, recommended user actions, and confirmation of issue resolution in the latest security release. GitLab also details its future strategies to prevent similar security issues.
Indicators of Compromise (IoCs):
Currently, no IoCs related to CVE-2023-7028 or CVE-2023-5356 have been identified. iFlock Security Consulting is actively monitoring IoCs and will promptly inform customers of any developments. For detailed guidance on safeguarding your organization, contact your iFlock Security Consulting Account Executive.
iFlock Security Consulting's Protective Measures:
With the erosion of traditional security perimeters due to expanding endpoints, cloud adoption, and digital transformation, attack surfaces have grown significantly. iFlock Security Consulting offers comprehensive vulnerability management to ensure visibility and control over every threat, device, entry point, and vulnerability.
Reference Materials:
- GitLab Critical Security Release: 16.7.2, 16.6.4, 16.5.6 | GitLab
- Immediate Action Required: Critical GitLab Flaw Permits Account Takeover (CVE-2023-7028) - Help Net Security
- Alert: GitLab Issues Fixes for Critical Security Gaps - Act Now (thehackernews.com)
- CVE - CVE-2023-7028 (mitre.org)