CVE-2023-1621
First published: Tue Jun 06 2023(Updated: )
An issue has been discovered in GitLab EE affecting all versions starting from 12.0 before 15.10.5, all versions starting from 15.11 before 15.11.1. A malicious group member may continue to commit to projects even from a restricted IP address.
Credit: cve@gitlab.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GitLab | >=12.0.0<15.10.5 | |
| GitLab | >=15.11.0<15.11.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2023-1621?
CVE-2023-1621 has been classified as a moderate severity vulnerability due to the potential for unauthorized access.
How do I fix CVE-2023-1621?
To fix CVE-2023-1621, you should upgrade GitLab to version 15.10.5 or higher, or to version 15.11.1 or higher.
Who is affected by CVE-2023-1621?
CVE-2023-1621 affects all versions of GitLab EE starting from 12.0 up to but not including 15.10.5 and from 15.11 up to but not including 15.11.1.
What issues can arise from CVE-2023-1621?
CVE-2023-1621 allows a malicious group member to continue committing to projects even if they are operating from a restricted IP address.
When was CVE-2023-1621 discovered?
CVE-2023-1621 was discovered recently but does not specify an exact date in the provided details.
- agent/type
- agent/references
- agent/author
- agent/softwarecombine
- agent/description
- agent/severity
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/gitlab
- canonical/gitlab
- version/gitlab/12.0.0
- version/gitlab/15.11.0