CVE-2022-2884
GitLab v15.3 - Remote Code Execution (RCE) (Authenticated)
Severity Score
9.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2.3, 15.3 to 15.3 to 15.3.1 allows an an authenticated user to achieve remote code execution via the Import from GitHub API endpoint
Una vulnerabilidad en GitLab CE/EE afectando a todas las versiones desde la 11.3.4 anteriores a 15.1.5, desde la 15.2 a 15.2.3, desde la 15.3 a 15.3.1, permite a un usuario autenticado lograr una ejecución de código remota por medio del endpoint de la API Import from GitHub
GitLab version 15.3 suffers from a remote code execution vulnerability.
*Credits:
Thanks [yvvdwf](https://hackerone.com/yvvdwf) for reporting this vulnerability through our HackerOne bug bounty program.
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-08-18 CVE Reserved
- 2022-10-17 CVE Published
- 2023-04-01 First Exploit
- 2024-08-03 CVE Updated
- 2024-09-02 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CAPEC
References (4)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/171628/GitLab-15.3-Remote-Code-Execution.html |
|
|
| https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2884.json | Third Party Advisory | |
| https://gitlab.com/gitlab-org/gitlab/-/issues/371098 | Third Party Advisory |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/51181 | 2023-04-01 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 11.3.4 < 15.1.5 Search vendor "Gitlab" for product "Gitlab" and version " >= 11.3.4 < 15.1.5" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 11.3.4 < 15.1.5 Search vendor "Gitlab" for product "Gitlab" and version " >= 11.3.4 < 15.1.5" | enterprise |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 15.2 < 15.2.3 Search vendor "Gitlab" for product "Gitlab" and version " >= 15.2 < 15.2.3" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 15.2 < 15.2.3 Search vendor "Gitlab" for product "Gitlab" and version " >= 15.2 < 15.2.3" | enterprise |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 15.3 < 15.3.1 Search vendor "Gitlab" for product "Gitlab" and version " >= 15.3 < 15.3.1" | community |
Affected
| ||||||
| Gitlab Search vendor "Gitlab" | Gitlab Search vendor "Gitlab" for product "Gitlab" | >= 15.3 < 15.3.1 Search vendor "Gitlab" for product "Gitlab" and version " >= 15.3 < 15.3.1" | enterprise |
Affected
| ||||||