GitLab Critical Security Release for GitLab Community Edition (CE) and Enterprise Edition (EE)

Advisory No: TZCERT/SA/2024/01/15

Date of First Release: 15^th January 2024

Source: GitLab

Software Affected: GitLab self-managed instances version 16.1 to 16.1.5,16.2 to 16.2.8,16.3 to 16.3.6,16.4 to 16.4.4,16.5 to 16.5.5,16.6 to 16.6.3 and 16.7 to 16.7.1

Overview:

GitLab has released security updates to address two critical vulnerabilities (CVE-2023-7028 and CVE-2023-5356), whereby one could be exploited to take over accounts without requiring any user interaction.

Description:

The vulnerability (CVE-2023-7028, CVSS score: 10) is caused by a fault in the email verification procedure, which allowed users to reset their passwords using a secondary email address.

Another critical flaw (CVE-2023-5356, CVSS score: 9.6), permits a user to abuse Slack/Mattermost integrations to execute slash commands as another user.

Impact:

Successful exploitation of this vulnerability may allow a remote attacker to take control of the affected system.

Solution:

GitLab has released updates to resolve these vulnerabilities. Users and administrations are encouraged to upgrade to the latest version as soon as possible.

References:

1. https://about.gitlab.com/releases/2024/01/11/critical-security-release-gitlab-16-7-2-released/