Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
November 15, 2022Rewterz Threat Advisory – CVE-2022-35719 – IBM MQ Internet Pass-Thru Vulnerability
November 15, 2022Rewterz Threat Alert – GuLoader Malspam Campaign – Active IOCs
November 15, 2022Rewterz Threat Advisory – CVE-2022-35719 – IBM MQ Internet Pass-Thru Vulnerability
November 15, 2022Severity
Medium
Analysis Summary
CVE-2022-3413
GitLab Enterprise Edition could allow a remote authenticated attacker to obtain sensitive information, caused by incorrect authorization when displaying Audit Events. An attacker could exploit this vulnerability to obtain view a group’s Audit Events and use this information to launch further attacks against the affected system.
Impact
Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-3413
Affected Vendors
GitLab
Affected Products
GitLab GitLab 15.0 Enterprise
GitLab GitLab 15.1.4 Enterprise
GitLab GitLab 15.2 Enterprise
GitLab GitLab 15.2.2 Enterprise
GitLab GitLab 15.3 Enterprise
Remediation
Refer to the GitLab GIT Repository for patch, upgrade or suggested workaround information.