Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv3

CVE-2023-2825

Published: 26/05/2023 Updated: 29/05/2023
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Gitlab

Vulnerability Summary

An issue has been discovered in GitLab CE/EE affecting only version 16.0.0. An unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gitlab gitlab 16.0.0

Github Repositories

https://github.com/Occamsec/CVE-2023-2825

GitLab CVE-2023-2825 PoC. This PoC leverages a path traversal vulnerability to retrieve the /etc/passwd file from a system running GitLab 16.0.0.

CVE-2023-2825 - GitLab CE/EE 1600 Arbitrary File Read via Path Traversal On May 23, 2023 GitLab released version 1601 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 1600 The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug It was discovered by pw

https://github.com/EmmanuelCruzL/CVE-2023-2825

On May 23, 2023 GitLab released version 16.0.1 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 16.0.0. The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug.

CVE-2023-2825 On May 23, 2023 GitLab released version 1601 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 1600 The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug

https://github.com/Tornad0007/CVE-2023-2825-Gitlab

the proof of concept written in Python for an unauthenticated malicious user can use a path traversal vulnerability to read arbitrary files on the server when an attachment exists in a public project nested within at least five groups. This is a critical severity issue

CVE-2023-2825 On May 23, 2023 GitLab released version 1601 which fixed a critical vulnerability, CVE-2023-2825, affecting the Community Edition (CE) and Enterprise Edition (EE) version 1600 The vulnerability allows unauthenticated users to read arbitrary files through a path traversal bug It was discovered by pwnie on HackerOne through the bug bounty program At the time

References

CWE-22https://hackerone.com/reports/1994725https://gitlab.com/gitlab-org/gitlab/-/issues/412371https://gitlab.com/gitlab-org/cves/-/blob/master/2023/CVE-2023-2825.jsonhttps://nvd.nist.govhttps://github.com/Occamsec/CVE-2023-2825
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987buffer overflowCVE-2024-28890CVE-2024-27574CVE-2024-27347CVE-2024-31450privilegeSSTICVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook