Severity
High
Analysis Summary
CVE-2024-6678 (CVSS 9.9)
GitLab could allow a remote authenticated attacker to bypass security restrictions. By sending a specially crafted request, an attacker could, under certain circumstances, trigger a pipeline as an arbitrary user, so the resulting CI jobs run with that user's permissions rather than the attacker's own.
CVE-2024-8640 (CVSS 8.5)
GitLab could allow a remote authenticated attacker to execute arbitrary commands. Because input is incompletely filtered, a specially crafted request could inject commands into a connected Cube server under certain circumstances.
CVE-2024-8635 (CVSS 7.7)
GitLab is vulnerable to server-side request forgery. By supplying a custom Maven Dependency Proxy URL, an authenticated remote attacker could make the GitLab server issue requests to internal resources that are not reachable from outside.
CVE-2024-8124 (CVSS 7.5)
GitLab is vulnerable to a denial of service caused by inefficient regular expression complexity. By sending a request with a very large `glm_source` parameter, an unauthenticated remote attacker could exploit this vulnerability to exhaust server resources and cause a denial of service.
Impact
- Security Bypass
- Gain Access
- Denial of Service
Indicators of Compromise
CVE
- CVE-2024-6678
- CVE-2024-8640
- CVE-2024-8635
- CVE-2024-8124
Affected Vendors
- GitLab
Affected Products
- GitLab - 17.1.6
- GitLab - 17.2.4
- GitLab - 17.3.1
- GitLab Enterprise Edition - 17.1.6
- GitLab Enterprise Edition - 17.2.4
- GitLab Enterprise Edition - 17.3.1
Remediation
Upgrade to GitLab 17.3.2, 17.2.5 or 17.1.7 (the September 2024 patch releases that address these four CVEs) or a later release. Refer to the GitLab website for patch, upgrade or suggested workaround information.
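To decide quickly whether an instance still falls in the affected range above, compare its reported version against the patched release on the same branch. The following is an added example, not GitLab's own code: it treats anything below 17.1.7, any 17.2.x below 17.2.5 and any 17.3.x below 17.3.2 as unpatched, and the version strings in the demo are constructed. The `fetch_instance_version` helper is an assumed convenience wrapper around the real `/api/v4/version` endpoint, which requires an authenticated token.

```python
"""Check whether a GitLab version is below the release that fixed
CVE-2024-6678, CVE-2024-8640, CVE-2024-8635 and CVE-2024-8124.

Added example; not GitLab code. Fixed releases are 17.3.2, 17.2.5 and 17.1.7.
"""
import json
import re
import urllib.request

# Patched release per branch, newest branch first. Any branch older than 17.1
# has no fix of its own and must move to 17.1.7 or newer.
FIXED_VERSIONS = [(17, 3, 2), (17, 2, 5), (17, 1, 7)]

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'X.Y.Z' or 'X.Y.Z-ee' into a comparable tuple; raise ValueError otherwise."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(x) for x in m.groups())


def fixed_version_for(version: tuple[int, int, int]) -> tuple[int, int, int]:
    """Return the patched release that `version` must be at or above.

    17.4 and newer branches were cut after the fix, so they compare against
    17.3.2 and come out as patched; 16.x and older compare against 17.1.7.
    """
    major, minor, _ = version
    for fixed in FIXED_VERSIONS:
        if (major, minor) >= fixed[:2]:
            return fixed
    return FIXED_VERSIONS[-1]


def is_vulnerable(text: str) -> bool:
    """True when the instance version is below its branch's fixed release."""
    v = parse_version(text)
    return v < fixed_version_for(v)


def fetch_instance_version(base_url: str, token: str) -> str:
    """Read the running version from GET /api/v4/version (assumed helper; needs an
    authenticated PRIVATE-TOKEN). Not exercised offline."""
    req = urllib.request.Request(
        f"{base_url.rstrip('/')}/api/v4/version",
        headers={"PRIVATE-TOKEN": token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)["version"]


if __name__ == "__main__":
    # Constructed examples, one from each affected branch plus its fixed release.
    for sample in ["17.3.1-ee", "17.3.2-ee", "17.2.4", "17.2.5", "17.1.6", "17.1.7", "16.11.3", "17.4.0"]:
        state = "VULNERABLE" if is_vulnerable(sample) else "patched"
        print(f"{sample:<10} {state}")
```

On a real instance call `fetch_instance_version("https://gitlab.example.com", token)` and pass the result to `is_vulnerable`; note the `-ee` suffix in the version string is ignored on purpose, since the fixed version numbers are the same for CE and EE.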