CVE-2021-22177
Published Apr 1, 2021
Last updated 4 years ago
Overview
- Description
- Potential DoS was identified in gitlab-shell in GitLab CE/EE version 12.6.0 or above, which allows an attacker to spike the server resource utilization via gitlab-shell command.
- Source
- cve@gitlab.com
- NVD status
- Analyzed
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 4
- Impact score
- 2.9
- Exploitability score
- 8
- Vector string
- AV:N/AC:L/Au:S/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-400
Configurations
[ { "nodes": [ { "negate": false, "cpeMatch": [ { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "C88743C3-C946-427D-A7A0-CE43356112A5", "versionEndExcluding": "13.6.7", "versionStartIncluding": "12.6.0" }, { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "F233F48C-70A3-4EE6-9BAF-705FAB25EBA8", "versionEndExcluding": "13.6.7", "versionStartIncluding": "12.6.0" }, { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "4BBAF21A-84DD-4987-B4BE-2A8CAA44210A", "versionEndExcluding": "13.7.7", "versionStartIncluding": "13.7.0" }, { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "9AE735A5-FC67-4B16-B27B-86C51C8771C1", "versionEndExcluding": "13.7.7", "versionStartIncluding": "13.7.0" }, { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "D3009669-C930-4517-914D-5DB9A0E40B59", "versionEndExcluding": "13.8.4", "versionStartIncluding": "13.8.0" }, { "criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "9F7976E8-BDA5-4104-AC3E-38C02CC613A7", "versionEndExcluding": "13.8.4", "versionStartIncluding": "13.8.0" } ], "operator": "OR" } ] } ]