Arbitrary Pipeline Access Vulnerability in GitLab EE

CVE-2024-9164

8.8 HIGH

Key Information

Vendor: GitLab
Status: GitLab Vendor
CVE Published: 11 October 2024

Badges

Trended, News Worthy

What is CVE-2024-9164?

CVE-2024-9164 is a vulnerability identified in GitLab EE, an enterprise-grade version control and collaborative software development platform. This vulnerability affects a broad range of versions from 12.5 to 17.4.2, enabling unauthorized execution of pipelines on arbitrary branches. Such a security flaw poses significant risks to organizations as it can lead to unauthorized access, manipulation of repositories, and execution of malicious code within the environment, fundamentally compromising the integrity of software development processes.

Technical Details

The vulnerability stems from insufficient restrictions on pipeline execution within GitLab EE. Specifically, it permits users to run pipelines on branches for which they do not hold the necessary permissions. The affected versions are all releases from 12.5 before 17.2.9, from 17.3 before 17.3.5, and from 17.4 before 17.4.2. The flaw arises from a failure to validate user privileges correctly before a pipeline is run, allowing unintended code execution and risking a compromise of the system.

Impact of the Vulnerability

  1. Unauthorized Code Execution: The primary impact is the ability for an attacker to execute unverified code on arbitrary branches, leading to the introduction of malicious scripts or payloads that could harm the system or exfiltrate sensitive data.

  2. Compromised Repository Integrity: The exploitation of this vulnerability can allow unauthorized changes to codebases, potentially leading to untraceable modifications and a loss of integrity in version control.

  3. Increased Attack Surface: By allowing arbitrary pipeline execution, this vulnerability expands the potential attack vectors within the GitLab environment, increasing the likelihood of successful attacks and weakening the organization's security posture.

Affected Version(s)

GitLab < 17.2.9

GitLab < 17.3.5

GitLab < 17.4.2
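The "less than" entries above only make sense together with the lower bounds given in the Technical Details section (12.5 before 17.2.9, 17.3 before 17.3.5, 17.4 before 17.4.2). The following is an added example, not code from the page or from GitLab, that turns those three ranges into a check a defender can run against an instance's reported version string. It assumes GitLab version strings look like "17.4.1-ee" (a numeric MAJOR.MINOR.PATCH with an optional suffix); that suffix handling is an assumption about the format, not something stated on this page.

```python
"""Check whether a GitLab version falls inside the affected ranges for CVE-2024-9164.

Added example; not GitLab's code. The ranges are taken from the advisory text
on this page: 12.5 <= v < 17.2.9, 17.3 <= v < 17.3.5, 17.4 <= v < 17.4.2.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# (inclusive lower bound, exclusive upper bound) per affected branch.
# The upper bound of each range is the first patched release for that branch.
AFFECTED_RANGES = [
    ((12, 5, 0), (17, 2, 9)),
    ((17, 3, 0), (17, 3, 5)),
    ((17, 4, 0), (17, 4, 2)),
]


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR[.PATCH]' with an optional leading 'v' or trailing
    suffix (e.g. '-ee', assumed GitLab EE format) into a comparable tuple."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.group(1), m.group(2), m.group(3) or "0"
    return int(major), int(minor), int(patch)


def is_affected(version: str) -> bool:
    """True if the version lies in any of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def fixed_version_for(version: str) -> Optional[str]:
    """Return the first patched release of the matching range, or None if the
    version is not affected (already patched, or outside every range)."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if lo <= v < hi:
            return ".".join(map(str, hi))
    return None


if __name__ == "__main__":
    # Constructed sample inputs, not real instances.
    for sample in ["17.4.1-ee", "17.3.5-ee", "16.11.3-ee", "17.5.0-ee", "12.4.9-ee"]:
        fix = fixed_version_for(sample)
        status = f"AFFECTED, upgrade to >= {fix}" if fix else "not affected"
        print(f"{sample:<12} {status}")
```

On a running instance the version string can be read from the authenticated `/api/v4/version` endpoint's `version` field and passed to `is_affected`; the 16.x branch is reported as needing 17.2.9 because that is the lowest patched release the advisory lists.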

News Articles

New Critical GitLab Vulnerability Could Allow Arbitrary CI/CD Pipeline Execution

GitLab fixes eight security flaws, including a critical CI/CD pipeline vulnerability CVE-2024-9164. Update now!

2 months ago

References

CVSS V3.1

Score: 8.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability started trending

  • First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD Database, Mitre Database, 1 News Article(s)

Credit

Thanks [pwnie](https://hackerone.com/pwnie) for reporting this vulnerability through our HackerOne bug bounty program.