CVE-2023-6564 - OpenCVE

An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact High

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gitlab	Gitlab

Configuration 1 [-]

OR	cpe:2.3:a:gitlab:gitlab:16.4.3::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:16.5.3::::enterprise:::
	cpe:2.3:a:gitlab:gitlab:16.6.1::::enterprise:::

No data.

References

Link	Providers
https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213

History

Thu, 29 Aug 2024 20:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 29 Aug 2024 15:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:gitlab:gitlab::::::::

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2024-02-08T11:30:52.438Z

Updated: 2024-08-29T15:04:52.878Z

Reserved: 2023-12-06T20:01:35.486Z

Link: CVE-2023-6564

Vulnrichment

Updated: 2024-08-02T08:35:14.927Z

NVD

Status : Analyzed

Published: 2024-02-08T12:15:55.767

Modified: 2024-03-04T20:56:09.493

Link: CVE-2023-6564

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-6564", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2023-12-06T20:01:35.486Z", "datePublished": "2024-02-08T11:30:52.438Z", "dateUpdated": "2024-08-29T15:04:52.878Z"}, "containers": {"cna": {"affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "defaultStatus": "unaffected", "product": "GitLab", "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "versions": [{"lessThan": "16.4.4", "status": "affected", "version": "16.4.3", "versionType": "semver"}, {"lessThan": "16.5.4", "status": "affected", "version": "16.5.3", "versionType": "semver"}, {"lessThan": "16.6.2", "status": "affected", "version": "16.6.1", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by a GitLab team member"}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-285", "description": "CWE-285: Improper Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:52.878Z"}, "references": [{"name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required"], "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213"}], "solutions": [{"lang": "en", "value": "Upgrade to version 16.4.4, 16.5.4 or 16.6.2"}], "title": "Improper Authorization in GitLab"}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T19:46:07.212089Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T17:21:52.048Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:35:14.927Z"}, "title": "CVE Program Container", "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required", "x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T08:35:14.927Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-6564", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-21T19:46:07.212089Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:40.375Z"}}], "cna": {"title": "Improper Authorization in GitLab", "credits": [{"lang": "en", "type": "finder", "value": "This vulnerability has been discovered internally by a GitLab team member"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", "vendor": "GitLab", "product": "GitLab", "versions": [{"status": "affected", "version": "16.4.3", "lessThan": "16.4.4", "versionType": "semver"}, {"status": "affected", "version": "16.5.3", "lessThan": "16.5.4", "versionType": "semver"}, {"status": "affected", "version": "16.6.1", "lessThan": "16.6.2", "versionType": "semver"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Upgrade to version 16.4.4, 16.5.4 or 16.6.2"}], "references": [{"url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213", "name": "GitLab Issue #17213", "tags": ["issue-tracking", "permissions-required"]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-285", "description": "CWE-285: Improper Authorization"}]}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2024-08-29T15:04:52.878Z"}}}, "cveMetadata": {"cveId": "CVE-2023-6564", "state": "PUBLISHED", "dateUpdated": "2024-08-29T15:04:52.878Z", "dateReserved": "2023-12-06T20:01:35.486Z", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "datePublished": "2024-02-08T11:30:52.438Z", "assignerShortName": "GitLab"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:16.4.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "6A759830-9D31-4AF5-912F-CA91D6023AD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:16.5.3:*:*:*:enterprise:*:*:*", "matchCriteriaId": "D2A7EFB5-6D86-4034-99EF-78E95E32D155", "vulnerable": true}, {"criteria": "cpe:2.3:a:gitlab:gitlab:16.6.1:*:*:*:enterprise:*:*:*", "matchCriteriaId": "598CF5D0-C052-4794-A66D-45BB6E002212", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab EE Premium and Ultimate affecting versions 16.4.3, 16.5.3, and 16.6.1. In projects using subgroups to define who can push and/or merge to protected branches, there may have been instances in which subgroup members with the Developer role were able to push or merge to protected branches."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en GitLab EE Premium y Ultimate que afecta las versiones 16.4.3, 16.5.3 y 16.6.1. En proyectos que utilizan subgrupos para definir qui\u00e9n puede enviar o fusionar ramas protegidas, es posible que haya habido casos en los que los miembros del subgrupo con el rol de Desarrollador pudieron enviar o fusionar ramas protegidas."}], "id": "CVE-2023-6564", "lastModified": "2024-03-04T20:56:09.493", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "cve@gitlab.com", "type": "Secondary"}]}, "published": "2024-02-08T12:15:55.767", "references": [{"source": "cve@gitlab.com", "tags": ["Issue Tracking", "Permissions Required"], "url": "https://gitlab.com/gitlab-com/gl-infra/production/-/issues/17213"}], "sourceIdentifier": "cve@gitlab.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-285"}], "source": "cve@gitlab.com", "type": "Secondary"}]}