CVE-2024-8635

A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/455273	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

14 Sep 2024, 15:24

Type	Values Removed	Values Added
Summary		(es) Se ha descubierto un problema de server-side request forgery en GitLab EE que afecta a todas las versiones a partir de la 16.8 anterior a la 17.1.7, de la 17.2 anterior a la 17.2.5 y de la 17.3 anterior a la 17.3.2. Un atacante podía realizar solicitudes a recursos internos mediante una URL de proxy de dependencia de Maven personalizada
CPE		cpe:2.3:a:gitlab:gitlab:::::enterprise:::* cpe:2.3:a:gitlab:gitlab:::::community:::*
First Time		Gitlab gitlab Gitlab
CVSS	v2 : ~~unknown~~ v3 : ~~7.7~~	v2 : unknown v3 : 6.5
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/455273 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/455273 - Broken Link

12 Sep 2024, 17:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-12 17:15

Updated : 2024-09-14 15:24

NVD link : CVE-2024-8635

Mitre link : CVE-2024-8635

CVE.ORG link : CVE-2024-8635

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-918

Server-Side Request Forgery (SSRF)

{"id": "CVE-2024-8635", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}, {"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 4.0, "exploitabilityScore": 3.1}]}, "published": "2024-09-12T17:15:06.437", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/455273", "tags": ["Broken Link"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-918"}]}, {"type": "Secondary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "A server-side request forgery issue has been discovered in GitLab EE affecting all versions starting from 16.8 prior to 17.1.7, from 17.2 prior to 17.2.5, and from 17.3 prior to 17.3.2. It was possible for an attacker to make requests to internal resources using a custom Maven Dependency Proxy URL"}, {"lang": "es", "value": "Se ha descubierto un problema de server-side request forgery en GitLab EE que afecta a todas las versiones a partir de la 16.8 anterior a la 17.1.7, de la 17.2 anterior a la 17.2.5 y de la 17.3 anterior a la 17.3.2. Un atacante pod\u00eda realizar solicitudes a recursos internos mediante una URL de proxy de dependencia de Maven personalizada"}], "lastModified": "2024-09-14T15:24:45.657", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "D98A3E94-FD1A-4109-8A90-FD19A40CF007", "versionEndExcluding": "17.1.7", "versionStartIncluding": "16.8.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "FEA9798C-C168-4E92-AD2B-966A9F940A4D", "versionEndExcluding": "17.1.7", "versionStartIncluding": "16.8.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "9DE9BFF3-C056-4146-A762-E34D60E10EDE", "versionEndExcluding": "17.2.5", "versionStartIncluding": "17.2.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "1F428DA1-FB1C-4B14-A1E1-65177E7F4B10", "versionEndExcluding": "17.2.5", "versionStartIncluding": "17.2.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "D2F29B41-64CF-4CEF-8EDF-BBDBA2FFE8C1", "versionEndExcluding": "17.3.2", "versionStartIncluding": "17.3.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "145E52CC-F503-446E-A760-1C01753DA938", "versionEndExcluding": "17.3.2", "versionStartIncluding": "17.3.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}