A critical security vulnerability in GitLab, tracked as CVE-2023-7028, has been added to the Cybersecurity & Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) Catalog.
This vulnerability allows attackers to take over accounts by sending a specially crafted HTTP request. GitLab has assigned it a critical CVSS score of 10, and NIST has assigned it a score of 7.5. While it primarily affects self-hosted versions, it poses a significant risk even when multifactor authentication (MFA) is enabled.
The flaw was disclosed and patched on Jan. 11, and it was recently added to the KEV catalog on May 1. Despite the patch, proof-of-concept (PoC) exploits have been circulating online since mid-January.
If your organization uses self-managed GitLab instances, please note that versions 16.1.0 to 16.7.1 are impacted. To mitigate this vulnerability, it is crucial to update to at least version 16.5.6, 16.6.4, or 16.7.2. Additionally, patches have been backported to versions 16.1.6, 16.2.9, and 16.4.5.
As of May 1, over 2,100 servers worldwide are still exposed to exploitation. The majority of vulnerable instances are located in the United States, followed by Russia and China.
Given the severity of this issue, federal civilian executive branch (FCEB) agencies are required to patch their GitLab instances by May 22.
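As an added example (not GitLab's or the vendor's code), the following Python script applies the version ranges quoted above to decide whether a self-managed instance falls in the affected range and which listed patch release to move to. The `/api/v4/version` sample response and its revision value are constructed; 16.3.x has no fixed release listed on this page, so the script points such instances to the nearest fixed release on a later branch.

```python
import json

# Constructed lookup table from the version numbers quoted in the advisory above
# (not GitLab's own code). Affected: 16.1.0 through 16.7.1. Fixed releases:
# 16.5.6, 16.6.4, 16.7.2 and the backports 16.1.6, 16.2.9, 16.4.5.
AFFECTED_MIN = (16, 1, 0)
AFFECTED_MAX = (16, 7, 1)
FIXED_VERSIONS = [(16, 7, 2), (16, 6, 4), (16, 5, 6), (16, 4, 5), (16, 2, 9), (16, 1, 6)]


def parse_version(text):
    """Turn '16.5.3' or '16.5.3-ee' into (16, 5, 3); the edition suffix is ignored."""
    core = text.strip().split("-", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(p) for p in parts)


def fmt(version):
    return ".".join(str(n) for n in version)


def version_from_api_json(payload):
    """Extract the version from a GET /api/v4/version response body (authenticated endpoint)."""
    return parse_version(json.loads(payload)["version"])


def assess(text):
    """Report whether a version is affected and the smallest listed fixed release to move to."""
    v = parse_version(text)
    if not (AFFECTED_MIN <= v <= AFFECTED_MAX):
        return {"version": fmt(v), "affected": False, "target": None}
    same_branch = [f for f in FIXED_VERSIONS if f[:2] == v[:2]]
    if same_branch and v >= min(same_branch):
        # A backport or patch release on this branch is already running.
        return {"version": fmt(v), "affected": False, "target": None}
    if same_branch:
        return {"version": fmt(v), "affected": True, "target": fmt(min(same_branch))}
    # No fixed release is listed for this minor branch (e.g. 16.3.x), so the
    # nearest fixed release on a later branch is the recommended move.
    later = min(f for f in FIXED_VERSIONS if f > v)
    return {"version": fmt(v), "affected": True, "target": fmt(later)}


if __name__ == "__main__":
    # Constructed sample of a /api/v4/version response, plus a few bare version strings.
    sample_api = '{"version": "16.5.3-ee", "revision": "abcdef0"}'
    for v in [fmt(version_from_api_json(sample_api)), "16.3.4", "16.1.6", "16.7.2", "15.11.2"]:
        print(assess(v))
```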
Don’t let advanced threats compromise your data. CloudJacket offers comprehensive protection for your digital environment against threats like these by using:
- Advanced threat detection: Immediately identify suspicious activity and prevent attacks.
- Real-time response: Quickly isolate and contain breaches before they spread.
- Expert guidance: Get the insights you need to reduce your attack surface and maintain a strong security posture.
- 24/7 SOC monitoring: Extend your security team with 24/7 expert monitoring. Our team safeguards your data and resources around the clock, giving you the peace of mind and expertise you need.
Safeguard your organization. Learn more about CloudJacket at https://www.secnap.com/cloudjacket/. Contact us today for a free consultation at 954-350-0712.