CVE-2023-1621

Medium

6.5/10

Summary

An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to commit to projects even from a restricted IP address.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Jun 06, 2023

CVE-2023-1621

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS