CVE-2023-7028

Published Jan 12, 2024

Last updated 2 months ago

Exploit knownCVSS critical 10.0

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2023-7028 is an account takeover vulnerability affecting GitLab Community Edition (CE) and Enterprise Edition (EE). It allows attackers to reset a user's password by exploiting a flaw in the password reset email process. By providing two email addresses during the reset request, the attacker can have the reset code sent to both their own email and the target's email address, thus gaining control of the account. Users with two-factor authentication enabled and those using LDAP logins are not susceptible to this vulnerability. This vulnerability has been actively exploited, prompting the Cybersecurity and Infrastructure Security Agency (CISA) to add it to its Known Exploited Vulnerabilities Catalog in May 2024. It was assigned a maximum CVSS score of 10, indicating its critical nature.

Description
An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to an unverified email address.
Source
cve@gitlab.com
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
GitLab Community and Enterprise Editions Improper Access Control Vulnerability
Exploit added on
May 1, 2024
Exploit action due
May 22, 2024
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve@gitlab.com
CWE-640
nvd@nist.gov
CWE-640

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. 🚨CVE-2023-7028 Exploit: GitLab Password Reset Poisoning Vulnerability https://t.co/SVszcLbRB4 This repository contains an exploit for CVE-2023-7028, a critical vulnerability in GitLab that allows an attacker to abuse the password reset functionality and take over accounts,… ht

    @DarkWebInformer

    18 Feb 2025

    3763 Impressions

    10 Retweets

    21 Likes

    8 Bookmarks

    0 Replies

    0 Quotes

  2. Great start for new target 🔥 Started recon on a target, I found a Gitlab subdomain and searched for the revision ID in the page source code. It is vulnerable to CVE-2023-7028 that lets attackers to take over accounts! Time to get some code! 😎 #BugBounty #BugBountytips #Hacking

    @Verickhack

    4 Nov 2024

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Great start for new target 🔥 Started recon on a target, I found a Gitlab subdomain and searched for the revision ID in the page source code. It is vulnerable to CVE-2023-7028 that lets attackers to take over accounts! Time to get some code! 😎 #BugBounty #BugBountytips #Hacking

    @chux13786509

    4 Nov 2024

    5232 Impressions

    7 Retweets

    102 Likes

    54 Bookmarks

    3 Replies

    0 Quotes

  4. GitLab CVE-2023-7028 #cybersecurity https://t.co/aKPJWN7Rfm

    @mustyx0x1

    31 Oct 2024

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References