Maximum-Severity GitLab Flaw Allowing Account Hijacking Under Active Exploitation
Thursday 2 May 2024, 22:40, by Slashdot
While exploits required no user interaction, hijackings worked only against accounts that weren't configured to use multi-factor authentication. Even with MFA, accounts remained vulnerable to password resets. The vulnerability, tracked as CVE-2023-7028, carries a severity rating of 10 out of a possible 10. The vulnerability, classified as an improper access control flaw, could pose a grave threat.

GitLab software typically has access to multiple development environments belonging to users. With the ability to access them and surreptitiously introduce changes, attackers could sabotage projects or plant backdoors that could infect anyone using software built in the compromised environment. An example of a similar supply chain attack is the one that hit SolarWinds in 2021, infecting more than 18,000 of its customers. Other recent examples of supply chain attacks are here, here, and here. These sorts of attacks are powerful. By hacking a single, carefully selected target, attackers gain the means to infect thousands of downstream users, often without requiring them to take any action at all.

According to Internet scans performed by security organization Shadowserver, more than 2,100 IP addresses showed they were hosting one or more vulnerable GitLab instances. In order to protect your system, you should enable MFA and install the latest patch. 'GitLab users should also remember that patching does nothing to secure systems that have already been breached through exploits,' notes Goodin.
https://it.slashdot.org/story/24/05/02/1934220/maximum-severity-gitlab-flaw-allowing-account-hijacki...