• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
March 4, 2022
Rewterz Threat Advisory – CVE-2021-44747 – F-Secure Linux Security Vulnerability
March 4, 2022

Rewterz Threat Advisory – Multiple GitLab Vulnerabilities

March 4, 2022

Severity

High

Analysis Summary

CVE-2022-0735

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorized user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands. 

CVE-2022-0549

An issue has been discovered in GitLab CE/EE affecting all versions before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Under certain conditions, GitLab REST API may allow unprivileged users to add other users to groups even if that is not possible to do through the Web UI.

CVE-2022-0751

Inaccurate display of Snippet files containing special characters in all versions of GitLab CE/EE allows an unauthorized actor to create Snippets with misleading content, which could trick unsuspecting users into executing arbitrary commands.

CVE-2022-0741

Improper input validation in all versions of GitLab CE/EE using sendmail to send emails allowed an unauthorized actor to steal environment variables via specially crafted email addresses.

CVE-2021-4191

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.0 and all versions starting from 14.4 before 14.8. Private GitLab instances with restricted sign-ups may be vulnerable to user enumeration by unauthenticated users through the GraphQL API. 

CVE-2022-0738

An issue has been discovered in GitLab affecting all versions starting from 14.6 before 14.6.5, all versions starting from 14.7 before 14.7.4, and all versions starting from 14.8 before 14.8.2. GitLab was leaking user passwords when adding mirrors with SSH credentials under specific conditions.

CVE-2022-0489

An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15. It was possible to trigger a DOS by using the math feature with a specific formula in issue comments.

Impact

  • Unauthorized Access
  • Privilege Escalation
  • Credential Theft
  • Denial of Service
  • Information Theft

Indicators of Compromise

CVE

  • CVE-2022-0735
  • CVE-2022-0549
  • CVE-2022-0751
  • CVE-2022-0741
  • CVE-2021-4191

Affected Vendors

GitLab

Affected Products

All versions of GitLab CE/EE
GitLab Omnibus prior to 14.8

Remediation

Refer to GitHUB Advisory for patch, upgrade, or suggested workaround information. 

https://about.gitlab.com/releases/2022/02/25/critical-security-release-gitlab-14-8-2-released/

  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.