CVE-2023-7028 Report - Details, Severity, & Advisories

Twingate Team

May 13, 2024

CVE-2023-7028 is a critical security vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE) systems. This issue allows an attacker to take over a user account by sending password reset emails to unverified email addresses. The vulnerability has been rated as 7.5 high by the National Vulnerability Database and 10.0 critical by GitLab Inc. It impacts various versions of GitLab CE/EE, and users are urged to update their installations to the latest patched versions to protect against this threat.

How do I know if I'm affected?

If you're using GitLab Community Edition (CE) or Enterprise Edition (EE), you might be affected by the CVE-2023-7028 vulnerability. The affected versions include 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2. This vulnerability allows an attacker to change a user's password and access the reset link without any user interactions. If you're running one of these affected versions, it's crucial to update your GitLab installation to a patched version to protect your account.
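One way to turn the version list above into a repeatable check is a small script that compares an installed GitLab version against the affected ranges the advisory gives. This is an added example, not code from Twingate or GitLab; the ranges are copied from the paragraph above, the sample version strings are constructed, and the ways named for obtaining the version (`gitlab-rake gitlab:env:info`, the authenticated `GET /api/v4/version` API) are GitLab interfaces not mentioned on this page. A version on a branch the advisory does not list is reported as "not in listed ranges", not as safe.

```python
# Added example (not from the Twingate page or GitLab): checks whether an
# installed GitLab CE/EE version falls inside the CVE-2023-7028 affected ranges
# listed in the advisory. Anything outside those ranges is reported as
# "not in listed ranges" rather than "safe"; consult the vendor advisory for that.

from typing import Optional, Tuple

# Affected ranges exactly as the advisory lists them: branch -> first fixed version.
# A version on branch X.Y is affected if it is older than that branch's fix.
AFFECTED_RANGES = {
    (16, 1): (16, 1, 6),
    (16, 2): (16, 2, 9),
    (16, 3): (16, 3, 7),
    (16, 4): (16, 4, 5),
    (16, 5): (16, 5, 6),
    (16, 6): (16, 6, 4),
    (16, 7): (16, 7, 2),
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH'; GitLab appends '-ee' or '-ce' to builds."""
    core = text.strip().split("-", 1)[0]  # drop any '-ee' / '-ce' suffix
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def assess(version_text: str) -> Tuple[str, Optional[str]]:
    """Return (status, fixed_version) for an installed version.

    status is 'affected' (older than the branch's fix), 'fixed' (at or after
    the fix on an affected branch) or 'not in listed ranges' (a branch the
    advisory does not mention). fixed_version is None for the last case.
    """
    major, minor, patch = parse_version(version_text)
    fixed = AFFECTED_RANGES.get((major, minor))
    if fixed is None:
        return "not in listed ranges", None
    fixed_text = ".".join(str(n) for n in fixed)
    if (major, minor, patch) < fixed:
        return "affected", fixed_text
    return "fixed", fixed_text


if __name__ == "__main__":
    # Constructed sample inputs. In practice the string comes from
    # `gitlab-rake gitlab:env:info` on the host or from the authenticated
    # GET /api/v4/version endpoint ("version" field) of the instance.
    for sample in ["16.5.3-ee", "16.7.2", "16.1.5", "16.8.0", "15.11.0"]:
        status, fixed = assess(sample)
        note = f" (fixed in {fixed})" if fixed else ""
        print(f"{sample:12} -> {status}{note}")
```

Run it against every self-managed instance in an inventory; an "affected" result on any branch means the instance should be taken to the listed fixed version for that branch before anything else, since the advisory describes account takeover with no user interaction.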

What should I do if I'm affected?

If you're affected by the CVE-2023-7028 vulnerability, take immediate action to secure your GitLab account. Update your GitLab instance to a patched version like 16.7.2, 16.6.4, or 16.5.6. Enable Two-Factor Authentication (2FA) for all GitLab accounts, especially those with elevated privileges.

Is CVE-2023-7028 in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, it is in CISA's Known Exploited Vulnerabilities Catalog. It is named GitLab Community and Enterprise Editions Improper Access Control Vulnerability and was added to the catalog on May 1, 2024. The due date for addressing this vulnerability is May 22, 2024. The required action is to apply mitigations as per vendor instructions or discontinue the use of the product if mitigations are unavailable.

Weakness enumeration

This vulnerability is categorized under two weakness enumerations: CWE-640 (weak password recovery mechanism) and CWE-284 (improper access control). Together they allow account takeover without user interaction. Stay vigilant and update your GitLab installation to stay protected.

For more details

CVE-2023-7028 is a critical vulnerability affecting GitLab CE/EE systems, and it's essential to stay informed about its details and mitigations. For a comprehensive understanding of this vulnerability, including its description, severity, technical details, and known affected software configurations, visit the NVD page or refer to the links below.
