CVE-2022-2884

A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint

CVSS v3 9.9 CRITICAL

9.9^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.1 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
http://packetstormsecurity.com/files/171628/GitLab-15.3-Remote-Code-Execution.html
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2884.json	Third Party Advisory
https://gitlab.com/gitlab-org/gitlab/-/issues/371098	Third Party Advisory
https://hackerone.com/reports/1672388	Permissions Required Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

No history.

Information

Published : 2022-10-17 16:15

Updated : 2023-04-03 20:15

NVD link : CVE-2022-2884

Mitre link : CVE-2022-2884

CVE.ORG link : CVE-2022-2884

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2022-2884", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}, {"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 3.1}]}, "published": "2022-10-17T16:15:21.453", "references": [{"url": "http://packetstormsecurity.com/files/171628/GitLab-15.3-Remote-Code-Execution.html", "source": "cve@gitlab.com"}, {"url": "https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2884.json", "tags": ["Third Party Advisory"], "source": "cve@gitlab.com"}, {"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/371098", "tags": ["Third Party Advisory"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/1672388", "tags": ["Permissions Required", "Third Party Advisory"], "source": "cve@gitlab.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint"}, {"lang": "es", "value": "Una vulnerabilidad en GitLab CE/EE afectando a todas las versiones desde la 11.3.4 anteriores a 15.1.5, desde la 15.2 a 15.2.3, desde la 15.3 a 15.3.1, permite a un usuario autenticado lograr una ejecuci\u00f3n de c\u00f3digo remota por medio del endpoint de la API Import from GitHub"}], "lastModified": "2023-04-03T20:15:07.673", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "18FB513A-106E-4F22-AE3C-925910B73974", "versionEndExcluding": "15.1.5", "versionStartIncluding": "11.3.4"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "0650671A-D69C-4BA8-B127-2187953A981A", "versionEndExcluding": "15.1.5", "versionStartIncluding": "11.3.4"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "76941E90-BEA1-4F0E-96F3-330C1496708F", "versionEndExcluding": "15.2.3", "versionStartIncluding": "15.2"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "C09289D8-65AA-40EB-859A-723345B6162C", "versionEndExcluding": "15.2.3", "versionStartIncluding": "15.2"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "110D4A9A-CEFA-412F-B117-E2BC03F268FA", "versionEndExcluding": "15.3.1", "versionStartIncluding": "15.3"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "FED2BA5A-129B-4943-9E8C-464C6A6A1162", "versionEndExcluding": "15.3.1", "versionStartIncluding": "15.3"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}