Vulnerability Details : CVE-2016-4340
The impersonate feature in Gitlab 8.7.0, 8.6.0 through 8.6.7, 8.5.0 through 8.5.11, 8.4.0 through 8.4.9, 8.3.0 through 8.3.8, and 8.2.0 through 8.2.4 allows remote authenticated users to "log in" as any other user via unspecified vectors.
Products affected by CVE-2016-4340
- cpe:2.3:a:gitlab:gitlab:8.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.4:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.5:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.10:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.11:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.6:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.8:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.5:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.7:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.5.9:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:gitlab:gitlab:8.6.6:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-4340
2.56%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 89 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-4340
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.5
|
MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
8.0
|
6.4
|
NIST | |
8.8
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
2.8
|
5.9
|
NIST |
CWE ids for CVE-2016-4340
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-4340
-
http://packetstormsecurity.com/files/138368/GitLab-Impersonate-Privilege-Escalation.html
GitLab Impersonate Privilege Escalation ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
https://gitlab.com/gitlab-org/gitlab-ce/issues/15548
Vulnerability in the impersonation feature allows any signed in user to sign in as any other user (#15548) · Issues · GitLab.org / GitLab Community Edition · GitLabIssue Tracking;Vendor Advisory;Patch
-
https://about.gitlab.com/2016/05/02/cve-2016-4340-patches/
Critical Security Release for GitLab 8.2 through 8.7 | GitLabMitigation;Patch;Vendor Advisory
-
https://www.exploit-db.com/exploits/40236/
GitLab - 'impersonate' Feature Privilege EscalationExploit;Third Party Advisory;VDB Entry
Jump to