SAML Configuration Flaw in GitLab CE/EE Leading to Unauthorized Access
CVE-2024-13041

4.2MEDIUM

Key Information:

Vendor: Gitlab
Status: Gitlab
Vendor: CVE Published:; 9 January 2025

Summary

A vulnerability exists in GitLab CE/EE that affects all versions starting from 16.4 prior to 17.5.5, 17.6 prior to 17.6.3, and 17.7 prior to 17.7.1. This flaw occurs when users are created through a SAML provider, where the 'external groups' setting may override the intended external provider configuration. Consequently, users may not be designated as external, inadvertently granting them access to internal projects and groups, thus compromising access controls.

Affected Version(s)

GitLab 16.4 < 17.5.5

GitLab 17.6 < 17.6.3

GitLab 17.7 < 17.7.1

References

https://gitlab.com/gitlab-org/gitlab/-/issues/479165

issue-trackingpermissions-required

https://about.gitlab.com/releases/2025/01/08/patch-releas...

CVSS V3.1

Score:

4.2

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 9, 2025
Vulnerability Reserved
Dec 30, 2024

Credit

This vulnerability has been discovered internally by GitLab team member [Drew Blessing](https://gitlab.com/dblessing).