Warning: Gitlab arbitrary file access

Image
Decorative image
Published : 25/05/2023

Reference:
Advisory #2023-60

Version:
1.0

Affected software:
Gitlab CE/EE v16.0.0

Type:
Arbitrary file access

CVE/CVSS:

CVE-2023-2825      
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N (10.0)

Sources

https://about.gitlab.com/releases/2023/05/23/critical-security-release-gitlab-16-0-1-released/ 

Risks

The exploitation of CVE-2023-2825 could expose sensitive data, including proprietary software code, user credentials, tokens, files, and other private information.

Description

The flaw arises from a path traversal problem that allows an unauthenticated remote attacker to read arbitrary files on the server. In order for this to happen the following prerequisites must be met:
 
5-9 Nested Groups
A Public Project
An Attachment

Recommended Actions

 
We strongly recommend that all installations running a version affected by the issues described below are upgraded to the latest version as soon as possible (16.0.1). Note v16.0.1 was released one day after v16.0.0.
 

References

https://www.bleepingcomputer.com/news/security/gitlab-strongly-recommends-patching-max-severity-flaw-asap/