CVE-2024-9693

Published Nov 14, 2024

Last updated 2 days ago

CVSS high 8.5

Overview

Description
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.0 prior to 17.3.7, starting from 17.4 prior to 17.4.4, and starting from 17.5 prior to 17.5.2, which could have allowed unauthorized access to the Kubernetes agent in a cluster under specific configurations.
Source
cve@gitlab.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.5
Impact score
6
Exploitability score
1.8
Vector string
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
HIGH

Weaknesses

cve@gitlab.com
CWE-863

Social media

Hype score
Not currently trending

  1. Threat Alert: CVE-2024-9693: GitLab Issues Critical Patch for Kubernetes Agent CVE-2024-9693 CVE-2024-7404 CVE-2024-8648 Severity: ⚠️ Critical Maturity: 🧨 Trending Learn more: https://t.co/KXrmGu6Z1O #CyberSecurity #ThreatIntel #InfoSec

    @fletch_ai

    15 Nov 2024

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2024-9693 Unauthorized Access Risk in GitLab's Kubernetes Agent Configuration A problem was found in GitLab CE/EE. It affects all versions from 16.0 up to before 17.3.7, from 17.4 up to before 17.4.4, and fro... https://t.co/Lr9OVZzZfm

    @VulmonFeeds

    14 Nov 2024

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. GitLab fixes High severity vulnerability CVE-2024-9693 #Gitlab #CVE-2024-9693 https://t.co/5Rv7Gie3Rw

    @pravin_karthik

    14 Nov 2024

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. [CVE-2024-9693: HIGH] Critical security flaw in GitLab CE/EE versions 16.0 to 17.5.2 revealed, granting unauthorized access to Kubernetes agent in clusters with certain configurations. Update recommended.#cybersecurity,#vulnerability https://t.co/EpayzupjF8 https://t.co/r5ZJHIypL

    @CveFindCom

    14 Nov 2024

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨Alert🚨CVE-2024-9693: GitLab Issues Critical Patch for Kubernetes Agent 📊 3.7M+ Services are found on https://t.co/ysWb28BTvF yearly. 🔗Hunter Link: https://t.co/lEH86BBQp7 👇Query HUNTER:/product.name="GitLab" SHODAN: http.component:"GitLab" FOFA: app="GitLab" 📰Refer:… https

    @HunterMapping

    14 Nov 2024

    2161 Impressions

    10 Retweets

    27 Likes

    14 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-9693: GitLab Issues Critical Patch for Kubernetes Agent Learn about the critical security update from #GitLab addressing a high-severity vulnerability in #Kubernetes clusters. https://t.co/bUnC6Y07Yb

    @the_yellow_fall

    14 Nov 2024

    199 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References