Lucene search
GitLabCVELIST:CVE-2022-2243HistoryJul 01, 2022 - 3:52 p.m.
CVE-2022-2243
2022-07-0115:52:32
GitLab
www.cve.org
1
access control
gitlab
authenticated users
enumerate issues
non-linked sentry projects
vulnerability
CVSS3
5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
29.6%
An access control vulnerability in GitLab EE/CE affecting all versions from 14.8 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1, allows authenticated users to enumerate issues in non-linked sentry projects.
CNA Affected
[
{
"product": "GitLab",
"vendor": "GitLab",
"versions": [
{
"status": "affected",
"version": ">=14.8, <14.10.5"
},
{
"status": "affected",
"version": ">=15.0, <15.0.4"
},
{
"status": "affected",
"version": ">=15.1, <15.1.1"
}
]
}
]Related
nessus
nessus
GitLab 14.8 < 14.10.5 / 15.0 < 15.0.4 / 15.1 < 15.1.1 (CVE-2022-2243)
2022-07-11 00:00:00
prion
prion
Improper access control
2022-07-01 16:15:00
ubuntucve
ubuntucve
CVE-2022-2243
2022-07-01 00:00:00
osv
osv
BIT-gitlab-2022-2243
2024-03-06 11:15:27
CVE-2022-2243
2022-07-01 16:15:08
cve
cve
CVE-2022-2243
2022-07-01 16:15:08
veracode
veracode
Improper Access Control
2023-08-06 23:10:51
debiancve
debiancve
CVE-2022-2243
2022-07-01 16:15:08
nvd
nvd
CVE-2022-2243
2022-07-01 16:15:08
openvas
openvas
freebsd
freebsd
Gitlab -- multiple vulnerabilities
2022-06-30 00:00:00
CVSS3
5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
AI Score
5.3
Confidence
High
EPSS
0.001
Percentile
29.6%
Related for CVELIST:CVE-2022-2243