February 6, 2023
Severity
Medium
Analysis Summary
CVE-2022-3759 CVSS: 4.3
GitLab CE/EE is vulnerable to a denial of service caused by a flaw in a Sidekiq background job. By uploading malicious CI job artifact zip files, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-3411 CVSS: 6.5
GitLab CE/EE is vulnerable to a denial of service caused by missing length validation. By creating a very large Issue description via GraphQL, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-4138 CVSS: 6.4
GitLab CE/EE is vulnerable to cross-site request forgery caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious web site, a remote attacker could send a malformed HTTP request on that user's behalf and take over a repository. The same flaw could also be used for cross-site scripting attacks, web cache poisoning, and other malicious activities.
CVE-2023-0518 CVSS: 4.3
GitLab CE/EE is vulnerable to a denial of service caused by a flaw in a Sidekiq background job. By uploading a malicious Helm chart, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-4255 CVSS: 4.3
GitLab could allow a remote attacker to obtain sensitive information, caused by an unspecified flaw. By using a specially crafted webhook payload, an attacker could exploit this vulnerability to obtain a user's email address.
CVE-2022-4335 CVSS: 4.3
GitLab is vulnerable to server-side request forgery caused by an unspecified flaw. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to conduct a blind SSRF attack, allowing the attacker to connect to hosts that are only reachable locally from the GitLab server.
Impact
- Denial of Service
- Information Disclosure
- Unauthorized Access
Indicators Of Compromise
CVE
- CVE-2022-3759
- CVE-2022-3411
- CVE-2022-4138
- CVE-2023-0518
- CVE-2022-4255
- CVE-2022-4335
Affected Vendors
GitLab
Affected Products
- GitLab Community Edition (CE) 15.7.5
- GitLab Community Edition (CE) 15.6.6
- GitLab Enterprise Edition (EE) 15.6.6
- GitLab Enterprise Edition (EE) 15.7.5
- GitLab Enterprise Edition (EE) 15.8.0
- GitLab Community Edition (CE) 15.8.0
- GitLab 15.4.5
- GitLab 15.5.4
- GitLab 15.6.0
Remediation
Upgrade to the latest GitLab release for your series, available from the GitLab Web site; every version listed above should be treated as affected. Self-managed administrators can confirm the running version against that list before and after the upgrade.
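The following script is an added example for this advisory and is not Rewterz or GitLab code. It parses the JSON that GitLab's authenticated `GET /api/v4/version` endpoint returns and compares the reported version with the affected versions listed above. The sample response is constructed, so the script runs offline, and the "affected" rule is an assumption introduced here: a version is treated as affected when its major.minor series appears in the advisory and it is not newer than the newest listed version of that series, or when its series is older than every listed series.

```python
"""Check a GitLab instance's reported version against this advisory's
affected-version list (added example, not GitLab or Rewterz code)."""
import json
import re
from typing import Optional, Tuple

# Affected versions exactly as listed in the advisory (edition suffix dropped).
AFFECTED_VERSIONS = ["15.8.0", "15.7.5", "15.6.6", "15.6.0", "15.5.4", "15.4.5"]

Version = Tuple[int, int, int]

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Parse strings such as '15.8.0-ee', '15.7.5' or '15.8.1-pre' into
    a (major, minor, patch) tuple; the edition/pre-release suffix is ignored."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def newest_affected_in_series(series: Tuple[int, int]) -> Optional[Version]:
    """Highest advisory-listed version whose major.minor equals `series`."""
    listed = [parse_version(v) for v in AFFECTED_VERSIONS]
    candidates = [v for v in listed if v[:2] == series]
    return max(candidates) if candidates else None


def is_affected(version_text: str) -> bool:
    """Assumed rule (not from the advisory): affected if the version is not
    newer than the newest listed version of its series, or if its series is
    older than every series the advisory lists."""
    v = parse_version(version_text)
    newest = newest_affected_in_series(v[:2])
    if newest is not None:
        return v <= newest
    oldest_listed_series = min(parse_version(a)[:2] for a in AFFECTED_VERSIONS)
    return v[:2] < oldest_listed_series


def check_version_response(body: str) -> dict:
    """Evaluate the JSON body returned by GET /api/v4/version."""
    data = json.loads(body)
    version = data["version"]
    return {"version": version, "affected": is_affected(version)}


# Constructed sample of a /api/v4/version response (not a real capture).
SAMPLE_RESPONSE = '{"version":"15.8.0-ee","revision":"0000000"}'

if __name__ == "__main__":
    print(check_version_response(SAMPLE_RESPONSE))
    for v in ["15.8.0-ee", "15.8.1-ee", "15.7.5", "15.7.6", "15.6.7", "15.3.9"]:
        print(f"{v:12} affected={is_affected(v)}")
```

In practice the body comes from `curl -H "PRIVATE-TOKEN: <token>" https://<gitlab-host>/api/v4/version`; the endpoint requires authentication, so run the check with a read-only token. Because the advisory lists affected versions rather than fixed ones, the rule is conservative by design: confirm the exact patched release for your series in GitLab's own release notes before treating a newer version as clean.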