A business logic error in GitLab CE/EE affecting all versions starting from 12.1 prior to 17.10.7, 17.11 prior to 17.11.3 and 18.0 prior to 18.0.1 where an attacker can cause a branch name confusion in confidential MRs.
Weakness
The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gitlab | Gitlab | 12.1.0 (including) | 17.10.7 (excluding) |
| Gitlab | Gitlab | 17.11.0 (including) | 17.11.3 (excluding) |
| Gitlab | Gitlab | 18.0.0 (including) | 18.0.0 (including) |
| Gitlab | Ubuntu | esm-apps/xenial | * |
Extended Description
If an attacker can cause the UI to display erroneous data, or to otherwise convince the user to display information that appears to come from a trusted source, then the attacker could trick the user into performing the wrong action. This is often a component in phishing attacks, but other kinds of problems exist. For example, if the UI is used to monitor the security state of a system or network, then omitting or obscuring an important indicator could prevent the user from detecting and reacting to a security-critical event. UI misrepresentation can take many forms:
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/154.html
- https://cwe.mitre.org/data/definitions/163.html
- https://cwe.mitre.org/data/definitions/164.html
- https://cwe.mitre.org/data/definitions/173.html
- https://cwe.mitre.org/data/definitions/98.html