gitlab gitlab CVE-2023-7028 is a vulnerability in GitLab
Published on January 12, 2024

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.

Vendor Advisory Vendor Advisory NVD

Known Exploited Vulnerability

This GitLab Community and Enterprise Editions Improper Access Control Vulnerability is part of CISA's list of Known Exploited Vulnerabilities. GitLab Community and Enterprise Editions contain an improper access control vulnerability. This allows an attacker to trigger password reset emails to be sent to an unverified email address to ultimately facilitate an account takeover.

The following remediation steps are recommended / required by May 22, 2024: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Vulnerability Analysis

CVE-2023-7028 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Weak Password Recovery Mechanism for Forgotten Password

The software contains a mechanism for users to recover or change their passwords without knowing the original password, but the mechanism is weak.


Products Associated with CVE-2023-7028

You can be notified by stack.watch whenever vulnerabilities like CVE-2023-7028 are published in these products:

 

What versions of GitLab are vulnerable to CVE-2023-7028?