CVE-2023-5207

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 30, 2023

Updated: Oct 4, 2023

CWE ID 24

CWE ID 27

CWE ID 25

CWE ID 22

Summary

CVE-2023-5207 is a vulnerability affecting GitLab CE and EE versions prior to 16.2.8, 16.3.5, and 16.4.1. This issue allows authenticated attackers to execute arbitrary pipelines under another user's context. Exploitation could potentially result in unauthorized pipeline executions and data manipulation, posing a significant risk to system security. GitLab strongly advises users to upgrade their instances to the latest patched versions as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

MATE Desktop

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/t7jMed
https://www.cve.org/CVERecord?id=CVE-2023-5207
https://nvd.nist.gov/vuln/detail/CVE-2023-5207

Back to Vulnerability Database