| ID |
CVE-2022-2326
|
| Summary |
An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible to gain access to a private project through an email invite by using other user's email address as an unverified secondary email. |
| References |
|
| Vulnerable Configurations |
-
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
-
cpe:2.3:a:gitlab:gitlab:15.1.3:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:15.1.3:*:*:*:enterprise:*:*:*
-
cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*
cpe:2.3:a:gitlab:gitlab:15.2:*:*:*:enterprise:*:*:*
-
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
-
cpe:2.3:a:gitlab:gitlab:15.1.3:*:*:*:community:*:*:*
cpe:2.3:a:gitlab:gitlab:15.1.3:*:*:*:community:*:*:*
|
| CVSS |
| Base: | None |
| Impact: | |
| Exploitability: | |
|
| CWE |
CWE-863 |
| CAPEC |
|
| Access |
| Vector | Complexity | Authentication |
|
|
|
|
| Impact |
| Confidentiality | Integrity | Availability |
|
|
|
|
| Last major update |
11-08-2022 - 15:40 |
| Published |
05-08-2022 - 16:15 |
| Last modified |
11-08-2022 - 15:40 |
