AI description
CVE-2023-7028 is an account takeover vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). It allows attackers to reset a user's password by exploiting a flaw in the password reset email process. By providing two email addresses during the reset request, the attacker can have the reset code sent to both their own email and the target's email address, thus gaining control of the account. Users with two-factor authentication enabled and those using LDAP logins are not susceptible to this vulnerability. This vulnerability has been actively exploited, prompting the Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities Catalog in May 2024. It was assigned a maximum CVSS score of 10, indicating its critical nature.
- Description
- An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
- Source
- cve@gitlab.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- GitLab Community and Enterprise Editions Improper Access Control Vulnerability
- Exploit added on
- May 1, 2024
- Exploit action due
- May 22, 2024
- Required action
- Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Hype score
- Not currently trending
Interesting account take over on Git Lab ( CVE-2023-7028 ) : https://t.co/QIXIDYQiYq #bugbountytips #BugBounty https://t.co/5Cb7vICdQj
@zack0x01
27 Feb 2025
176 Impressions
0 Retweets
6 Likes
0 Bookmarks
1 Reply
0 Quotes
🤯 I takto jednoduché bezpečnostní chyby s kritickou závažností se stávají Na konci roku 2023 objevil výzkumník asterion04 bezpečnostní zranitelnost v nástroji GitLab, který slouží k správě zdrojových kódů a podporu vývoje a dostala označení CVE-2023-7028 (CVSS 10). Včera byly…
@GOVCERT_CZ
27 Feb 2025
587 Impressions
2 Retweets
6 Likes
2 Bookmarks
1 Reply
0 Quotes
Interesting to see so many people discovering Gitlab's CVE-2023-7028 today...
@snyff
26 Feb 2025
1533 Impressions
0 Retweets
23 Likes
5 Bookmarks
2 Replies
0 Quotes
🚨CVE-2023-7028 Exploit: GitLab Password Reset Poisoning Vulnerability https://t.co/SVszcLbRB4 This repository contains an exploit for CVE-2023-7028, a critical vulnerability in GitLab that allows an attacker to abuse the password reset functionality and take over accounts,… ht
@DarkWebInformer
18 Feb 2025
3763 Impressions
10 Retweets
21 Likes
8 Bookmarks
0 Replies
0 Quotes
Great start for new target 🔥 Started recon on a target, I found a Gitlab subdomain and searched for the revision ID in the page source code. It is vulnerable to CVE-2023-7028 that lets attackers to take over accounts! Time to get some code! 😎 #BugBounty #BugBountytips #Hacking
@Verickhack
4 Nov 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Great start for new target 🔥 Started recon on a target, I found a Gitlab subdomain and searched for the revision ID in the page source code. It is vulnerable to CVE-2023-7028 that lets attackers to take over accounts! Time to get some code! 😎 #BugBounty #BugBountytips #Hacking
@chux13786509
4 Nov 2024
5232 Impressions
7 Retweets
102 Likes
54 Bookmarks
3 Replies
0 Quotes
GitLab CVE-2023-7028 #cybersecurity https://t.co/aKPJWN7Rfm
@mustyx0x1
31 Oct 2024
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4D1D5473-F384-420D-BD91-F2466F2CA278",
"versionEndExcluding": "16.1.6",
"versionStartIncluding": "16.1.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "6BEF9E84-75C1-41C0-BE14-7F550E2BE932",
"versionEndExcluding": "16.1.6",
"versionStartIncluding": "16.1.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "1D29FF9D-9113-44A9-99C2-074B1B217B7C",
"versionEndExcluding": "16.2.9",
"versionStartIncluding": "16.2.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AEA35F1C-5E02-407B-ADC6-4FDEFF885E59",
"versionEndExcluding": "16.2.9",
"versionStartIncluding": "16.2.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B3F039EF-84DD-41B6-AB5D-BF3F44A488C2",
"versionEndExcluding": "16.3.7",
"versionStartIncluding": "16.3.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "02C5947D-659A-4AE9-B2C8-08287AC03BF2",
"versionEndExcluding": "16.3.7",
"versionStartIncluding": "16.3.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C89EFE63-81D9-4964-BE91-BF31AA40C165",
"versionEndExcluding": "16.4.5",
"versionStartIncluding": "16.4.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4B4C9455-DBA2-480B-8C59-898BC9DB8795",
"versionEndExcluding": "16.4.5",
"versionStartIncluding": "16.4.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A1A5DDAD-5B04-4643-8ACD-15D7C6CD76C2",
"versionEndExcluding": "16.5.6",
"versionStartIncluding": "16.5.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "24A21A70-46F1-4B28-BECB-4266AABBBD57",
"versionEndExcluding": "16.5.6",
"versionStartIncluding": "16.5.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7198B7E4-9928-4B7D-9D00-6B76CCAC3875",
"versionEndExcluding": "16.6.4",
"versionStartIncluding": "16.6.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D294EA47-B2EF-42D6-A92B-93CEA5D209B7",
"versionEndExcluding": "16.6.4",
"versionStartIncluding": "16.6.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E66EC8A8-E889-450A-86B4-7D930788FF58",
"versionEndExcluding": "16.7.2",
"versionStartIncluding": "16.7.0"
},
{
"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DDBB44E5-7ED3-4C9B-9241-2E6DB79A3E27",
"versionEndExcluding": "16.7.2",
"versionStartIncluding": "16.7.0"
}
],
"operator": "OR"
}
]
}
]