Login
Get a Demo
Become a Partner
SOCRadar® Cyber Intelligence Inc. | GitLab’s Critical Security Update: What You Need to Know (CVE-2023-5009)
Table Of Content
Home

Resources

Blog
Eyl 20, 2023
2 Mins Read

GitLab’s Critical Security Update: What You Need to Know (CVE-2023-5009)

GitLab is a widely-used DevOps platform that allows for code hosting, continuous integration, and other collaborative features for both Community and Enterprise users. A new critical security release has just been rolled out for GitLab Community Edition (CE) and Enterprise Edition (EE). Here’s what you need to know about the vulnerabilities and the steps for remediation.

What’s the Issue in GitLab?

The security release primarily addresses a critical vulnerability that affects various versions of GitLab EE starting from 13.12 to 16.2.7, and 16.3 to 16.3.4. This vulnerability allows an attacker to execute pipelines as an arbitrary user through the misuse of scheduled security scan policies. The vulnerability has been identified with a critical severity score of 9.6 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N) and is designated as CVE-2023-5009.

Recommended Solutions & Alternate Mitigations

GitLab has already patched this vulnerability in the latest versions — 16.3.4 for Community Edition and 16.2.7 for Enterprise Edition. Upgrading to these versions is the best course of action for instant mitigation.

If you are running an instance with a version prior to 16.2, mitigations are available. The vulnerability only becomes active if both ‘Direct Transfers’ and ‘Security Policies’ features are enabled simultaneously. Disabling one or both of these features will mitigate the risk.

Additional Patches from GitLab

Apart from the critical security fixes, the new GitLab versions also come with non-security patches. These include improvements like a new indexer in 16.3.4 and minor feature reversions in 16.2.7.

Next Steps for Enhanced Security

Vulnerability Intelligence page for CVE-2023-5009 in SOCRadar Platform., gitlab
Vulnerability Intelligence page for CVE-2023-5009 in SOCRadar Platform.

We at SOCRadar strongly urge you to update your GitLab instances immediately to protect against these critical vulnerabilities. Utilizing tools like SOCRadar’s Vulnerability Intelligence and External Attack Surface Management can give you an extra layer of security by providing you insights into your own vulnerabilities and advising on effective remediation methods.

For more information, refer to the official GitLab security release.

Stay safe and keep your codebases safer.

Related Articles
SOCRadar® Cyber Intelligence Inc. | Major Cyber Attacks in Review: March 2024
Major Cyber Attacks in Review: March 2024
Nis 16, 2024
SOCRadar® Cyber Intelligence Inc. | Cyber Reflections of Iran's Attack on Israel
Cyber Reflections of Iran's Attack on Israel
Nis 15, 2024
SOCRadar® Cyber Intelligence Inc. | Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
Critical PHP Vulnerabilities: Update Now to Prevent Takeovers and Command Injection (CVE-2024-1874, CVE-2024-2756, CVE-2024-3096, CVE-2024-2757)
Nis 15, 2024
SOCRadar® Cyber Intelligence Inc. | Critical OS Command Injection Vulnerability in Palo Alto's GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
Critical OS Command Injection Vulnerability in Palo Alto's GlobalProtect Gateway: CVE-2024-3400. The patch is not available yet.
Nis 12, 2024
SOCRadar® Cyber Intelligence Inc. | Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Including 2 Zero-Day Vulnerabilities
Microsoft’s April 2024 Patch Tuesday, 149 Vulnerabilities Patched, Including 2 Zero-Day Vulnerabilities
Nis 10, 2024