Rewterz Threat Alert – Phobos Ransomware – Active IOCs
December 2, 2022Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
December 2, 2022Severity
Medium
Analysis Summary
CVE-2022-4201 CVSS:3.5
GitLab is vulnerable to server-side request forgery, caused by a flaw in the Web Terminal advertise_address. By sending a specially-crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data.
CVE-2022-3478 CVSS:4.3
GitLab is vulnerable to a denial of service. By uploading a malicious NuGet package, a remote authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2022-3482 CVSS:5.3
GitLab could allow a remote attacker to obtain sensitive information, caused by an improper access control issue. By sending specially-crafted request, an attacker could exploit this vulnerability to obtain release names.
CVE-2022-3572 CVSS:5.4
GitLab is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Jira Connect integration. A remote authenticated attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
CVE-2022-4054 CVSS:5.5
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by a sensitive information leak issue. By changing the webhook URL, an attacker could exploit this vulnerability to obtain webhook secret token.
CVE-2022-3902 CVSS:5.5
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by a sensitive information leak issue. By reviewing the logs after testing webhooks, an attacker could exploit this vulnerability to unmask webhook secret tokens.
CVE-2022-4205 CVSS:6.3
GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By using a branch with a hexadecimal name, an attacker could exploit this vulnerability to override an existing hash.
CVE-2022-3740 CVSS:6.5
GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By using a branch with a hexadecimal name, an attacker could exploit this vulnerability to override an existing hash.GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control. By using a branch with a hexadecimal name, an attacker could exploit this vulnerability to override an existing hash.
CVE-2022-3820 CVSS:6.5
GitLab could allow a remote authenticated attacker to bypass security restrictions, caused by improper authentication with some Package Registries when IP address restrictions were configured. By sending a specially-crafted request, an attacker in possession of a valid Deploy Token could exploit this vulnerability to misuse it from any location.
CVE-2022-4206 CVSS:7.7
GitLab could allow a remote authenticated attacker to obtain sensitive information, caused by a sensitive information leak issue in all versions of DAST API scanner. By sending specially-crafted request, an attacker could exploit this vulnerability to obtain Authorization header in the vulnerability report.
Impact
- Information Theft
- Denial of Service
- Information Disclosure
- Cross-Site Scripting
Indicators Of Compromise
CVE
CVE-2022-4201
CVE-2022-3478
CVE-2022-3482
CVE-2022-3572
CVE-2022-4054
CVE-2022-3902
CVE-2022-4205
CVE-2022-3740
CVE-2022-3820
CVE-2022-4206
Affected Vendors
GitLab
Affected Products
- GitLab Community Edition 15.6.0
- GitLab Community Edition 15.5.4
- GitLab Community Edition 15.4.5
- GitLab Enterprise Edition 15.6.0
- GitLab Enterprise Edition 15.5.4
- GitLab Enterprise Edition 15.4.5
Remediation
Refer to GitLab Website for patch, upgrade or suggested workaround information.