CVE-2024-8114
CVSS V2 None
CVSS V3 None
Description
An issue has been discovered in GitLab CE/EE affecting all versions from 8.12 before 17.4.5, 17.5 before 17.5.3, and 17.6 before 17.6.1. This issue allows an attacker with access to a victim's Personal Access Token (PAT) to escalate privileges.
Overview
- CVE ID
- CVE-2024-8114
- Assigner
- GitLab
- Vulnerability Status
- PUBLISHED
- Published Version
- 2024-11-26T18:31:10.674Z
- Last Modified Date
- 2024-11-26T18:41:24.321Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/480494 | issue-tracking permissions-required |
https://hackerone.com/reports/2649822 | technical-description exploit permissions-required |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2024-8114 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-8114 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-11-27 13:07:47 | Added to TrackCVE |