Lucene search
PRIOn knowledge basePRION:CVE-2023-6680HistoryDec 15, 2023 - 4:15 p.m.
Input validation
2023-12-1516:15:00
PRIOn knowledge base
www.prio-n.com
7
certificate validation
smartcard authentication
gitlab ee
security issue
public key
administrator control
experimental feature
An improper certificate validation issue in Smartcard authentication in GitLab EE affecting all versions from 11.6 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows an attacker to authenticate as another user given their public key if they use Smartcard authentication. Smartcard authentication is an experimental feature and has to be manually enabled by an administrator.
Related
debiancve
debiancve
CVE-2023-6680
2023-12-15 16:15:46
nessus
nessus
GitLab 11.6 < 16.4.4 / 16.5 < 16.5.4 / 16.6 < 16.6.2 (CVE-2023-6680)
2023-12-14 00:00:00
FreeBSD : Gitlab -- vulnerabilities (e2fb85ce-9a3c-11ee-af26-001b217b3468)
2023-12-14 00:00:00
cvelist
cvelist
CVE-2023-6680 Improper Certificate Validation in GitLab
2023-12-15 16:02:40
ubuntucve
ubuntucve
CVE-2023-6680
2023-12-15 00:00:00
osv
osv
CVE-2023-6680
2023-12-15 16:15:46
BIT-gitlab-2023-6680
2024-03-06 10:54:27
nvd
nvd
CVE-2023-6680
2023-12-15 16:15:46
cve
cve
CVE-2023-6680
2023-12-15 16:15:46
freebsd
freebsd
Gitlab -- vulnerabilities
2023-12-13 00:00:00