CVE-2024-7404

An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow.

CVSS v3.0 6.5 MEDIUM

6.5^/10

CVSS v3.0 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/476670	Broken Link
https://hackerone.com/reports/2627925	Permissions Required
https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*

History

12 Dec 2024, 21:48

Type	Values Removed	Values Added
First Time		Gitlab gitlab Gitlab
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.5
CPE		cpe:2.3:a:gitlab:gitlab:::::community:::* cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
References	~~() https://hackerone.com/reports/2627925 -~~	() https://hackerone.com/reports/2627925 - Permissions Required
References	~~() https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery -~~	() https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery - Vendor Advisory
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/476670 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/476670 - Broken Link

14 Nov 2024, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-11-14 13:15

Updated : 2024-12-12 21:48

NVD link : CVE-2024-7404

Mitre link : CVE-2024-7404

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-1021

Improper Restriction of Rendered UI Layers or Frames

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/476670", "name": "GitLab Issue #476670", "tags": ["Broken Link"], "refsource": ""}, {"url": "https://hackerone.com/reports/2627925", "name": "HackerOne Bug Bounty Report #2627925", "tags": ["Permissions Required"], "refsource": ""}, {"url": "https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery", "name": "https://about.gitlab.com/releases/2024/11/13/patch-release-gitlab-17-5-2-released/#device-oauth-flow-allows-for-cross-window-forgery", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed an attacker gaining full API access as the victim via the Device OAuth flow."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-1021"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-7404", "ASSIGNER": "cve@gitlab.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}}, "publishedDate": "2024-11-14T13:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.5.2", "versionStartIncluding": "17.5.0"}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.5.2", "versionStartIncluding": "17.5.0"}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.4.4", "versionStartIncluding": "17.4.0"}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.4.4", "versionStartIncluding": "17.4.0"}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.3.7", "versionStartIncluding": "17.2.0"}, {"cpe23Uri": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "17.3.7", "versionStartIncluding": "17.2.0"}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2024-12-12T21:48Z"}