We expect exploitation to increase as details of the unauthenticated nature of this vulnerability become more widely understood.Īccording to GitLab’s April 2021 advisory, CVE-2021-22205 affects all versions of both GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) starting from 11.9. There are multiple recently published public exploits for this vulnerability, and it reportedly has been exploited in the wild since June or July of 2021. Rapid7’s vulnerability research team has a full root cause analysis of CVE-2021-22205 in AttackerKB. Despite the tiny move in CVSS score, a change from authenticated to unauthenticated has big implications for defenders. The increase in score was the result of changing the vulnerability from an authenticated issue to an unauthenticated issue. However, on SeptemGitLab revised the CVSSv3 score to 10.0. A remote attacker could execute arbitrary commands as the git user due to ExifTool’s mishandling of DjVu files, an issue that was later assigned CVE-2021-22204.ĬVE-2021-22205 was initially assigned a CVSSv3 score of 9.9.
At the time, GitLab described the issue as an authenticated vulnerability that was the result of passing user-provided images to the service’s embedded version of ExifTool. On April 14, 2021, GitLab published a security release to address CVE-2021-22205, a critical remote code execution vulnerability in the service’s web interface.
0 kommentar(er)
