In all versions of GitLab CE/EE since version 14.1, an improper access control vulnerability allows users with expired password to still access GitLab through git and API through access tokens acquired before password expiration.
Weakness
When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gitlab | Gitlab | 14.1.0 (including) | 14.1.7 (excluding) |
| Gitlab | Gitlab | 14.2.0 (including) | 14.2.5 (excluding) |
| Gitlab | Gitlab | 4.3.0 (including) | 4.3.0 (including) |
| Gitlab | Ubuntu | esm-apps/xenial | * |
| Gitlab | Ubuntu | xenial | * |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/114.html
- https://cwe.mitre.org/data/definitions/115.html
- https://cwe.mitre.org/data/definitions/151.html
- https://cwe.mitre.org/data/definitions/194.html
- https://cwe.mitre.org/data/definitions/22.html
- https://cwe.mitre.org/data/definitions/57.html
- https://cwe.mitre.org/data/definitions/593.html
- https://cwe.mitre.org/data/definitions/633.html
- https://cwe.mitre.org/data/definitions/650.html
- https://cwe.mitre.org/data/definitions/94.html
References
- https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39872.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/337954
- https://hackerone.com/reports/1285226
- https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-39872.json
- https://gitlab.com/gitlab-org/gitlab/-/issues/337954
- https://hackerone.com/reports/1285226