Server-Side Request Forgery in GitLab Runner by GitLab
CVE-2020-13295

5.4MEDIUM

Key Information:

Vendor: Gitlab
Status: Gitlab Runner
Vendor: CVE Published:; 10 August 2020

Summary

In versions of GitLab Runner earlier than 13.0.12, 13.1.6, and 13.2.3, a vulnerability allows for Server-Side Request Forgery (SSRF). This occurs when an attacker can replace the dockerd component with a malicious server, subsequently enabling unauthorized access to internal resources. It is crucial for users to perform timely updates to safeguard against this type of attack.

Affected Version(s)

GitLab Runner >=1.0, <13.0.12 < 1.0, 13.0.12

GitLab Runner >=13.1, <13.1.6 < 13.1, 13.1.6

GitLab Runner >=13.2, <13.2.3 < 13.2, 13.2.3

References

https://gitlab.com/gitlab-org/gitlab/-/issues/209096

x_refsource_MISC

https://hackerone.com/reports/809248

x_refsource_MISC

https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 10, 2020
Vulnerability Reserved
May 21, 2020

Credit

Thanks [@lucash-dev](https://hackerone.com/lucash-dev) for reporting this vulnerability through our HackerOne bug bounty program

.