CRITICAL🚩 CISA KEV⚡ EXPLOIT🇵🇱 Wersja polska

CVE-2023-7028

CVSS 10.0v3.1pub. 2024-01-12upd. 2025-10-24

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.

🤖 AI Analysis
How it works

An error in the password reset mechanism (CWE-640) causes GitLab to send a message with a password change link to an email address that has not been verified. An attacker can initiate a password reset procedure for any account by specifying an unverified email address controlled by the attacker. After receiving the reset link, the attacker sets a new password and fully takes over the victim's account without requiring any prior authorization.

Impact

An attacker can completely take over any GitLab user account, gaining access to repositories, CI/CD pipelines, secrets, and configuration data, which may lead to compromise of the entire software supply chain.

Mitigation & patch

GitLab CE/EE must be immediately updated to version: 16.1.6, 16.2.9, 16.3.7, 16.4.5, 16.5.6, 16.6.4, or 16.7.2 (or newer). It is also recommended to review logs for unauthorized password resets and force re-authentication of all users.

Who is affected

GitLab CE and EE in versions: 16.1 before 16.1.6, 16.2 before 16.2.9, 16.3 before 16.3.7, 16.4 before 16.4.5, 16.5 before 16.5.6, 16.6 before 16.6.4, and 16.7 before 16.7.2

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  • GitLab

    APP
    Gitlab
    16.1.0 – 16.1.6 (bez)16.2.0 – 16.2.9 (bez)16.3.0 – 16.3.7 (bez)16.4.0 – 16.4.5 (bez)16.5.0 – 16.5.6 (bez)16.6.0 – 16.6.4 (bez)16.7.0 – 16.7.2 (bez)

CISA KEV — detailsi

Vendori
GitLab
Producti
GitLab CE/EE
Added to KEVi
May 1, 2024
Remediation deadline (US Federal)i
May 22, 2024(overdue)
Required action (CISA)i

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

CISA descriptioni

GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.

🔴
IMMEDIATE ACTION
Actively exploited in the wild (CISA KEV). Patch immediately.
CISA DEADLINE: 22 maja 2024
Tags
CI/CD
CWE
References

Related vulnerabilities

CVE-2021-22205CRITICAL10.0⚠ KEVten sam produkt

An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properl...

CVE-2024-7102CRITICAL9.6PL ✓ten sam produkt

GitLab CE/EE: uruchomienie pipeline jako inny użytkownik (privilege escalation)

CVE-2024-9164CRITICAL9.6PL ✓ten sam produkt

GitLab EE: uruchamianie pipeline CI/CD na dowolnych gałęziach bez autoryzacji

CVE-2024-6678CRITICAL9.9PL ✓ten sam produkt

GitLab CE/EE — uruchomienie pipeline jako dowolny użytkownik (CWE-290)

CVE-2024-45409CRITICAL10.0PL ✓ten sam produkt

Ruby-SAML: pominięcie weryfikacji podpisu odpowiedzi SAML — Auth Bypass