Gitlab Authorization Bypass Vulnerability Let Attackers Steal Protected Variables

GitLab has announced the release of updated versions for its Community Edition (CE) and Enterprise Edition (EE) platforms. These updates address critical vulnerabilities that could allow attackers to bypass authorization mechanisms and access protected variables.

The updates, versions 16.9.2, 16.8.4, and 16.7.7, come as a response to the discovery of two major security flaws, CVE-2024-0199 and CVE-2024-1299, which posed a high risk to the integrity and confidentiality of data managed through the GitLab platform.

GitLab has strongly urged all users to upgrade their installations to these latest versions to mitigate the risks associated with these vulnerabilities.

The company has already updated to the patched version, ensuring that online platform users are protected from these security flaws.

Understanding the Vulnerabilities

CVE-2024-0199: A High Severity Threat

The more critical of the two, CVE-2024-0199, was identified as an authorization bypass vulnerability affecting a wide range of GitLab versions – from 11.3 up to the versions immediately preceding the patched releases.

Integrate ANY.RUN in your company for Effective Malware Analysis

Are you from SOC and DFIR teams? – Join With 400,000 independent Researchers

Malware analysis can be fast and simple. Just let us show you the way to:

  • Interact with malware safely
  • Set up virtual machine in Linux and all Windows OS versions
  • Work in a team
  • Get detailed reports with maximum data
  • If you want to test all these features now with completely free access to the sandbox: ..

This flaw allowed attackers to craft a payload that could be used in an old feature branch to bypass CODEOWNERS restrictions, enabling unauthorized access to protected variables.

Classified with a high severity rating (CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A: N, 7.7), this vulnerability was promptly addressed in the latest GitLab releases.

CVE-2024-1299: Privilege Escalation Concern

The second vulnerability, CVE-2024-1299, involved a privilege escalation issue that affected versions 16.8 and 16.9 before the security updates.

This flaw allowed users with the custom role of manage_group_access_tokens to rotate and view group access tokens as if they had owner permissions, posing a medium severity risk (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A: N, 6.5).

Proactive Security Measures

GitLab’s commitment to security is evident in its proactive approach to identifying and patching vulnerabilities.

The company operates a scheduled monthly security release, in addition to ad-hoc releases for critical vulnerabilities, ensuring that potential security issues are addressed promptly.

Users are encouraged to visit GitLab’s security FAQ and blog posts for more information on maintaining secure GitLab installations.

The discovery of these vulnerabilities was made possible through GitLab’s HackerOne bug bounty program. Special thanks are extended to ali_shehab and ashish_r_padelkar for reporting CVE-2024-0199 and CVE-2024-1299, respectively.

In addition to the security patches, the latest GitLab releases include updates to Kubectl and Mattermost, alongside various non-security patches to enhance the platform’s stability and performance.

The swift response by GitLab to these vulnerabilities underscores the importance of continuous vigilance and prompt action in the cybersecurity landscape.

Users of GitLab are advised to upgrade their installations to the latest versions as soon as possible to safeguard their data and maintain the integrity of their development workflows.

You can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits, with Perimeter81 malware protection. All are incredibly harmful, can wreak havoc, and damage your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Divya is a Senior Journalist at Cyber Security news covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.