Gitlab CE/EE - Remote Code Execution (CVE-2022-2884)
- Severity
- CVSSv3 Score
- 9.9
- Vulnerability description
GitLab CE/EE is affected by a Remote Code Execution vulnerability in the "Import from GitHub" API endpoint. The impacted versions are those between 11.3.4 and 15.1.5, between 15.2 and 15.2.3, and between 15.3 and 15.3.1. The root cause is insufficient validation of user input in the "Import from GitHub" API endpoint, which allows an authenticated attacker to execute arbitrary code on the server.
- Risk description
A remote authenticated attacker could fully compromise the GitLab CE/EE server and use it to steal confidential information, deploy ransomware or pivot into the internal network.
- Recommendation
Upgrade the GitLab CE/EE server to the latest version, or at least to 15.1.5, 15.2.3 or 15.3.1 for the respective release branch.
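To triage an inventory of instances against the version ranges above, here is an added Python check (not part of this record or of GitLab's own tooling). It assumes each affected range starts at the listed version and ends just before the fixed release named in the recommendation (15.1.5, 15.2.3, 15.3.1), and that edition or pre-release suffixes such as "-ee" do not affect the comparison.

```python
"""Version-range check for CVE-2022-2884 (GitLab CE/EE).

Assumption: each range is start-inclusive and ends before the fixed
release from the recommendation (15.1.5, 15.2.3, 15.3.1).
"""
import re
from typing import Tuple

Version = Tuple[int, int, int]

# (first affected, first fixed) per release branch, taken from the record.
AFFECTED_RANGES = [
    ((11, 3, 4), (15, 1, 5)),
    ((15, 2, 0), (15, 2, 3)),
    ((15, 3, 0), (15, 3, 1)),
]


def parse_version(text: str) -> Version:
    """Parse '15.1.4', '15.2', 'v15.3.0-ee' into a (major, minor, patch) tuple.

    A missing patch number counts as 0, so '15.2' means 15.2.0; trailing
    suffixes such as '-ee' or '-rc1' are ignored for the comparison.
    """
    m = re.match(r"^v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return (int(major), int(minor), int(patch or 0))


def is_affected(version_text: str) -> bool:
    """True if the given GitLab version lies in one of the affected ranges."""
    v = parse_version(version_text)
    return any(start <= v < fixed for start, fixed in AFFECTED_RANGES)


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hosts and versions).
    inventory = {
        "gitlab-a": "15.1.4",
        "gitlab-b": "15.1.5",
        "gitlab-c": "15.2.2-ee",
        "gitlab-d": "v15.3.1",
    }
    for host, ver in inventory.items():
        status = "AFFECTED - upgrade" if is_affected(ver) else "not affected"
        print(f"{host:10s} {ver:12s} {status}")
```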
- References
https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-2884
https://about.gitlab.com/releases/2022/08/22/critical-security-release-gitlab-15-3-1-released
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2884
- Codename
- Not available
- Detectable with
- Network Scanner
- Exploitable with Sniper
- No
- Vuln date
- Aug 2022
- Published at
- Updated at
- Software Type
- Collaboration software
- Vendor
- GitLab
- Product
- Server