Attacker can trigger pipeline as another user
CVE-2024-5655
Key Information:
Summary
An issue in GitLab CE/EE allows unauthorized users to trigger pipelines on behalf of other users, which can lead to various security risks. The vulnerability affects all versions of GitLab CE/EE from 15.8 before 16.11.5, 17.0 before 17.0.3, and 17.1 before 17.1.1. Exploitation requires specific conditions to be met, but affected instances should be updated promptly to protect the integrity of user workflows. Further details and tracking of the issue are available in GitLab Issue #465862 and HackerOne Bug Bounty Report #2536320.
Affected Version(s)
GitLab 15.8 < 16.11.5
GitLab 17.0 < 17.0.3
GitLab 17.1 < 17.1.1
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware.
News Articles
GitLab Sends Users Scrambling Again With New CI/CD Pipeline Takeover Vuln
The bug is similar, but not identical, to a critical flaw GitLab patched just two weeks ago.
7 months ago
Over a dozen GitLab vulnerabilities addressed
Most severe of the addressed flaws is a critical bug in GitLab CE/EE versions newer than 15.8, 17.0, and 17.1, tracked as CVE-2024-5655, which could be leveraged to facilitate automated execution of a pipeline upon the automated re-targeting of a merge request.
7 months ago
Critical GitLab Bug Threatens Software Development Pipelines
The company is urging users running vulnerable versions to patch CVE-2024-5655 immediately, to avoid CI/CD malfeasance.
8 months ago
Timeline
- Public PoC available
- Exploit known to exist
- First article discovered by The Hacker News
- Vulnerability published