GitLab Enterprise Edition up to 13.0.1 Group Email Address privileges management

entryeditHistoryDiffjsonxmlCTI

A vulnerability has been found in GitLab Enterprise Edition up to 13.0.1 (Bug Tracking Software) and classified as critical. Affected by this vulnerability is an unknown code of the component Group Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1056155110/26/2020VulD...cve_cnaGitLab Inc.nvd.nist.gov10/26/2020accepted70
1056155010/26/2020VulD...confirm_urlhttps://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13275.jsoncve.mitre.org10/26/2020accepted70
1019003406/21/2020VulD...cwe269 (privilege escalation)06/21/2020accepted90
1019003306/21/2020VulD...cve_nvd_summaryA user with an unverified email address could request an access to domain restricted groups in GitLab EE 12.2 and later through 13.0.1mitre.org06/21/2020accepted100
1019003206/21/2020VulD...cve_assigned1590019200mitre.org06/21/2020accepted100
1019002706/21/2020VulD...cvss3_nvd_aHnist.gov06/21/2020accepted100
1019002606/21/2020VulD...cvss3_nvd_iHnist.gov06/21/2020accepted100
1019002506/21/2020VulD...cvss3_nvd_cHnist.gov06/21/2020accepted100
1019002406/21/2020VulD...cvss3_nvd_sCnist.gov06/21/2020accepted100
1019002306/21/2020VulD...cvss3_nvd_uiRnist.gov06/21/2020accepted100
1019002206/21/2020VulD...cvss3_nvd_prLnist.gov06/21/2020accepted100
1019002106/21/2020VulD...cvss3_nvd_acHnist.gov06/21/2020accepted100
1019002006/21/2020VulD...cvss3_nvd_avNnist.gov06/21/2020accepted100
1018999306/21/2020VulD...typeBug Tracking Software06/21/2020accepted100
1019004206/21/2020VulD...cvss3_nvd_basescore8.0nist.gov06/21/2020accepted90
1019004106/21/2020VulD...cvss3_vuldb_rcX06/21/2020accepted90
1019004006/21/2020VulD...cvss3_vuldb_rlX06/21/2020accepted90
1019003906/21/2020VulD...cvss3_vuldb_eX06/21/2020accepted90
1019003806/21/2020VulD...cvss2_vuldb_rcND06/21/2020accepted90
1019003706/21/2020VulD...cvss2_vuldb_rlND06/21/2020accepted90

Do you need the next level of professionalism?

Upgrade your account now!