CVE-2022-1426
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
An issue has been discovered in GitLab affecting all versions starting from 12.6 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly authenticating a user that had some certain amount of information which allowed an user to authenticate without a personal access token.
Se ha detectado un problema en GitLab afectando a todas las versiones a partir de la 12.6 anteriores a 14.8.6, todas las versiones a partir de la 14.9 anteriores a 14.9.4, todas las versiones a partir de la 14.10 anteriores a 14.10.1. GitLab no autenticaba correctamente a un usuario que tenía determinada información que le permitía autenticarse sin un token de acceso personal
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-04-21 CVE Reserved
- 2022-05-11 CVE Published
- 2023-12-02 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-287: Improper Authentication
CAPEC
References (2)
URL | Tag | Source |
---|---|---|
https://gitlab.com/gitlab-org/gitlab/-/issues/296866 | Broken Link |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-1426.json | 2022-05-18 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 12.6.0 < 14.8.6 Search vendor "Gitlab" for product "Gitlab" and version " >= 12.6.0 < 14.8.6" | community |
Affected
| ||||||
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 12.6.0 < 14.8.6 Search vendor "Gitlab" for product "Gitlab" and version " >= 12.6.0 < 14.8.6" | enterprise |
Affected
| ||||||
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 14.9.0 < 14.9.4 Search vendor "Gitlab" for product "Gitlab" and version " >= 14.9.0 < 14.9.4" | community |
Affected
| ||||||
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 14.9.0 < 14.9.4 Search vendor "Gitlab" for product "Gitlab" and version " >= 14.9.0 < 14.9.4" | enterprise |
Affected
| ||||||
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | 14.10.0 Search vendor "Gitlab" for product "Gitlab" and version "14.10.0" | community |
Affected
| ||||||
Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | 14.10.0 Search vendor "Gitlab" for product "Gitlab" and version "14.10.0" | enterprise |
Affected
|