CVE-2019-10115
Published May 16, 2019
Last updated 4 years ago
Overview
- Description
- An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2. The GitLab Releases feature could allow guest users access to private information like release details and code information.
- Source
- cve@mitre.org
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:P/I:N/A:N
Weaknesses
- nvd@nist.gov
- CWE-732
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6512499B-A054-44FD-B233-18FDB4352149",
"versionEndExcluding": "11.7.8"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5F337BCF-E927-4F9A-B578-8D3BF4BF1BA0",
"versionEndExcluding": "11.7.8"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "75395889-A145-4027-B09A-C79558A6FCBE",
"versionEndExcluding": "11.8.4",
"versionStartIncluding": "11.8.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "5BEABDC6-7DCC-4C95-8CD7-8F834F2EF5FD",
"versionEndExcluding": "11.8.4",
"versionStartIncluding": "11.8.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "54A0F503-7F38-401F-AC54-E5E10CFC1B1D",
"versionEndExcluding": "11.9.2",
"versionStartIncluding": "11.9.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B6F651B7-7BAD-4247-9E27-BA0FC363C718",
"versionEndExcluding": "11.9.2",
"versionStartIncluding": "11.9.0"
}
],
"operator": "OR"
}
]
}
]