CVE-2023-4700

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Nov 6, 2023

Updated: Nov 14, 2023

CWE ID 284

Summary

CVE-2023-4700 is a critical authorization issue affecting GitLab Enterprise Edition (EE). This vulnerability impacts versions 14.7 to 16.5.1, including 16.3.6 and 16.4.2. An attacker could exploit this issue to bypass approvals and run jobs in protected environments, putting sensitive data at risk. Users are advised to upgrade to the latest version, 16.5.1 or later, to mitigate the threat.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

GitLab

Affected Vendors

GitLab Inc.

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/shoamR
https://www.cve.org/CVERecord?id=CVE-2023-4700
https://nvd.nist.gov/vuln/detail/CVE-2023-4700

Back to Vulnerability Database