CVE-2022-2501

An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. This attack only bypasses IP allow-listing, proper permissions are still required.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2501.json	Vendor Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/364822	Broken Link Vendor Advisory
https://hackerone.com/reports/1591412	Permissions Required Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:15.2::::enterprise:::

History

11 Aug 2022, 15:21

Type	Values Removed	Values Added
CPE		cpe:2.3:a:gitlab:gitlab:::::enterprise:::* cpe:2.3:a:gitlab:gitlab:15.2::::enterprise:::
First Time		Gitlab Gitlab gitlab
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5
CWE		CWE-863
References	~~(CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2501.json -~~	(CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2501.json - Vendor Advisory
References	~~(MISC) https://hackerone.com/reports/1591412 -~~	(MISC) https://hackerone.com/reports/1591412 - Permissions Required, Third Party Advisory
References	~~(MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/364822 -~~	(MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/364822 - Broken Link, Vendor Advisory

05 Aug 2022, 16:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-08-05 16:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-2501

Mitre link : CVE-2022-2501

CVE.ORG link : CVE-2022-2501

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-863

Incorrect Authorization

{"id": "CVE-2022-2501", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.2}]}, "published": "2022-08-05T16:15:12.327", "references": [{"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2501.json", "tags": ["Vendor Advisory"], "source": "cve@gitlab.com"}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/364822", "tags": ["Broken Link", "Vendor Advisory"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/1591412", "tags": ["Permissions Required", "Third Party Advisory"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-863"}]}], "descriptions": [{"lang": "en", "value": "An improper access control issue in GitLab EE affecting all versions from 12.0 prior to 15.0.5, 15.1 prior to 15.1.4, and 15.2 prior to 15.2.1 allows an attacker to bypass IP allow-listing and download artifacts. This attack only bypasses IP allow-listing, proper permissions are still required."}, {"lang": "es", "value": "Un problema de control de acceso inapropiado en GitLab EE afectando a todas las versiones desde la 12.0 anteriores a 15.0.5, la 15.1 anteriores a 15.1.4 y la 15.2 anteriores a 15.2.1 permite a un atacante omitir la lista de IPs permitidas y descargar artefactos. Este ataque s\u00f3lo evita la lista de IPs permitidas, los permisos apropiados siguen siendo necesarios"}], "lastModified": "2022-08-11T15:21:28.923", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "28664DAF-CB65-4C8C-B26A-CC2192A0447D", "versionEndExcluding": "15.0.5", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "B835154E-74C9-40CC-9CB1-D0644E8FB5AB", "versionEndExcluding": "15.1.4", "versionStartIncluding": "15.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "4ECA8C34-F6D0-4ED7-8278-041D709296BC"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}