Permission Issue in GitLab-EE Allows Unauthorized Access to Security Policy
CVE-2024-10925

5.3MEDIUM

Key Information:

Vendor
Gitlab
Status
Gitlab
Vendor
CVE Published:
3 March 2025

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A vulnerability in GitLab-EE allows Guest users to gain unauthorized access to sensitive YAML configuration files outlining security policies. This issue affects versions from 16.2 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. By exploiting this flaw, unauthorized individuals can read security policy settings, potentially leading to a compromise of sensitive information. The lack of proper permission management highlights the need for stringent access controls. For more details, you can refer to the GitLab issue tracking report and the HackerOne bug bounty report.

Affected Version(s)

GitLab 16.2 < 17.7.6

GitLab 17.8 < 17.8.4

GitLab 17.9 < 17.9.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2024-10925 - Proof of Concept

References

https://gitlab.com/gitlab-org/gitlab/-/issues/502857
issue-trackingpermissions-required
https://hackerone.com/reports/2818270
technical-descriptionexploitpermissions-required

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • 🟡

    Public PoC available

  • 👾

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Thanks [yuki_osaki](https://hackerone.com/yuki_osaki) for reporting this vulnerability through our HackerOne bug bounty program
.