Published: 09/09/2019 Updated: 24/08/2020

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:P/I:N/A:N

An issue exists in GitLab Community and Enterprise Edition 10.x (starting in 10.7) and 11.x prior to 11.5.8, 11.6.x prior to 11.6.6, and 11.7.x prior to 11.7.1. It has Incorrect Access Control. System notes contain an access control issue that permits a guest user to view merge request titles.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gitlab gitlab

Debian Bug report logs - #921059 gitlab: CVE-2019-6781 CVE-2019-6782 CVE-2019-6783 CVE-2019-6784 CVE-2019-6785 CVE-2019-6786 CVE-2019-6787 CVE-2019-6788 CVE-2019-6789 CVE-2019-6790 CVE-2019-6791 CVE-2019-6792 CVE-2019-6794 CVE-2019-6795 CVE-2019-6796 CVE-2019-6960 CVE-2019-6995 CVE-2019-6997 CVE-2019-7155 CVE-2019-7176 Package: src:gitlab ...

CWE-269 https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/https://gitlab.com/gitlab-org/gitlab-ce/issues/53858 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921059 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-6997

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect