CVE-2024-7404

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery	Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/476670	Broken Link
https://hackerone.com/reports/2627925	Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

12 Dec 2024, 21:48

Type	Values Removed	Values Added
First Time		Gitlab Gitlab gitlab
CPE		cpe:2.3:a:gitlab:gitlab:::::community:::* cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
References	~~() https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery -~~	() https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery - Vendor Advisory
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/476670 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/476670 - Broken Link
References	~~() https://hackerone.com/reports/2627925 -~~	() https://hackerone.com/reports/2627925 - Permissions Required

Information

Published : 2024-11-14 13:15

Updated : 2024-12-12 21:48

NVD link : CVE-2024-7404

Mitre link : CVE-2024-7404

CVE.ORG link : CVE-2024-7404

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-1021

Improper Restriction of Rendered UI Layers or Frames

{"id": "CVE-2024-7404", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2024-11-14T13:15:05.050", "references": [{"url": "https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery", "tags": ["Vendor Advisory"], "source": "cve@gitlab.com"}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/476670", "tags": ["Broken Link"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/2627925", "tags": ["Permissions Required"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-1021"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en GitLab CE/EE que afecta a todas las versiones desde la 17.2 anterior a la 17.3.7, desde la 17.4 anterior a la 17.4.4 y desde la 17.5 anterior a la 17.5.2, lo que podr\u00eda haber permitido que un atacante obtuviera acceso completo a la API como v\u00edctima a trav\u00e9s del flujo OAuth del dispositivo."}], "lastModified": "2024-12-12T21:48:13.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "4CA2FC71-DC68-42DA-B9E7-AE64EFC48674", "versionEndExcluding": "17.3.7", "versionStartIncluding": "17.2.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "F95AF41C-A7D0-4401-881B-50456A18662E", "versionEndExcluding": "17.3.7", "versionStartIncluding": "17.2.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "1F7F4C7C-334F-4015-AC25-74FCE4BAD311", "versionEndExcluding": "17.4.4", "versionStartIncluding": "17.4.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "7FF0B7C7-E0BD-4C6C-8938-0082CBE64847", "versionEndExcluding": "17.4.4", "versionStartIncluding": "17.4.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "34CDEED3-E7FB-4620-8E07-E4766F9B6593", "versionEndExcluding": "17.5.2", "versionStartIncluding": "17.5.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "DA99FF56-0441-464D-B369-CF72EF9EEDC7", "versionEndExcluding": "17.5.2", "versionStartIncluding": "17.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}