Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2019-15741

Published: 16/09/2019 Updated: 28/02/2023
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Gitlab

Vulnerability Summary

An issue exists in GitLab Omnibus 7.4 up to and including 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gitlab omnibus

Exploits

Exploit DB: GitLab Omnibus 12.2.1 Logrotate Privilege Escalation
Gitlab Omnibus versions 74 through 1221 suffer from a privilege escalation vulnerability that leverages a race condition in logrotate, resulting in a root shell ...

References

NVD-CWE-noinfohttps://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/https://gitlab.com/gitlab-org/omnibus-gitlab/issues/4380http://seclists.org/fulldisclosure/2019/Oct/7http://packetstormsecurity.com/files/154734/GitLab-Omnibus-12.2.1-Logrotate-Privilege-Escalation.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/154734/GitLab-Omnibus-12.2.1-Logrotate-Privilege-Escalation.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client sideCVE-2023-31889template injectionCVE-2024-4304CVE-2006-4304CVE-2024-33272type confusionCVE-2024-21345CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook