Weak Password Recovery Mechanism for Forgotten Password

CVE-2021-39899

Low

2.9/10

Summary

In all versions of GitLab CE/EE, an attacker with physical access to a user’s machine may brute force the user’s password via the change password function. There is a rate limit in place, but the attack may still be conducted by stealing the session id from the physical compromise of the account and splitting the attack over several IP addresses and passing in the compromised session value from these various locations.

Attack Complexity: HIGH
Attack Vector: PHYSICAL
Integrity Impact: LOW
Scope: UNCHANGED
User Interaction: REQUIRED
Privileges Required: NONE
Confidentiality Impact: LOW
Availability Impact: NONE

CWE-640 - Weak Password Recovery Mechanism for Forgotten Password

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.

References

Advisory Timeline

Published Oct 04, 2021

Weak Password Recovery Mechanism for Forgotten Password

CVE-2021-39899

Summary

CWE-640 - Weak Password Recovery Mechanism for Forgotten Password

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS