GitLab Community Edition default account | CVE-2022-1162

NAME

GitLab Community Edition default account

Platforms Affected:
GitLab GitLab 14.7.6 Community
GitLab GitLab 14.7.6 Enterprise
GitLab GitLab 14.8.4 Community
GitLab GitLab 14.8.4 Enterprise
GitLab GitLab 14.9.1 Community
GitLab GitLab 14.9.1 Enterprise
GitLab GitLab 14.7 Community
GitLab GitLab 14.7 Enterprise
GitLab GitLab 14.8 Community
GitLab GitLab 14.8 Enterprise
GitLab GitLab 14.9 Community
GitLab GitLab 14.9 Enterprise
Risk Level:
9.1
Exploitability:
Unproven
Consequences:
Gain Access

DESCRIPTION

GitLab Community Edition and GitLab Enterprise Edition contain a hardcoded password for accounts registered using an OmniAuth provider. An attacker could exploit this vulnerability to take over accounts.

CVSS 3.0 Information

Privileges Required: None
User Interaction: None
Scope: Unchanged
Access Vector: Network
Access Complexity: Low
Confidentiality Impact: High
Integrity Impact: High
Availability Impact: None
Remediation Level: Official Fix

MITIGATION

Upgrade to the latest version of GitLab Community Edition (14.9.2, 14.8.5, 14.7.7, or later) or GitLab Enterprise Edition (14.9.2, 14.8.5, 14.7.7, or later), available from the GitLab Web site. See References.

Reference Link:
https://about.gitlab.com/releases/2022/03/31/critical-security-release-gitlab-14-9-2-released/
Reference Link:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1162

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

GitLab Community Edition default account | CVE-2022-1162

NAME

DESCRIPTION

MITIGATION

[RANSOMHUB] – Ransomware Victim: bravodigitaltrader[.]co[.]uk

[BLACKSUIT] – Ransomware Victim: SVP Worldwide

[QILIN] – Ransomware Victim: Imprimerie Peau

[KILLSEC] – Ransomware Victim: Sumitomo

Cobalt Strike Beacon Detected – 47[.]108[.]112[.]243:8443

NAME

DESCRIPTION

MITIGATION

You may have missed

[RANSOMHUB] – Ransomware Victim: bravodigitaltrader[.]co[.]uk

[BLACKSUIT] – Ransomware Victim: SVP Worldwide

[QILIN] – Ransomware Victim: Imprimerie Peau

[KILLSEC] – Ransomware Victim: Sumitomo

Cobalt Strike Beacon Detected – 47[.]108[.]112[.]243:8443