2022-09-14 16:27:45 +00:00
id : CVE-2022-2185
info :
2023-04-07 15:43:51 +00:00
name : GitLab CE/EE - Remote Code Execution
2022-09-14 16:27:45 +00:00
author : GitLab Red Team
2022-11-11 14:58:53 +00:00
severity : high
2023-04-07 15:43:51 +00:00
description : GitLab CE/EE 14.0 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1 is susceptible to remote code execution. An authenticated user authorized to import projects can import a maliciously crafted project, thus possibly being able to execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
2023-09-27 15:51:13 +00:00
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
2023-09-06 11:59:08 +00:00
remediation : |
Apply the latest security patches provided by GitLab to mitigate this vulnerability.
2022-09-14 16:27:45 +00:00
reference :
- https://gitlab.com/gitlab-com/gl-security/threatmanagement/redteam/redteam-public/cve-hash-harvester
- https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-2185.json
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2185
2023-04-07 15:43:51 +00:00
- https://nvd.nist.gov/vuln/detail/CVE-2022-2185
2023-07-11 19:49:27 +00:00
- https://gitlab.com/gitlab-org/gitlab/-/issues/366088
2022-09-14 16:27:45 +00:00
classification :
2022-11-11 14:58:53 +00:00
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score : 8.8
2022-09-14 16:27:45 +00:00
cve-id : CVE-2022-2185
2023-08-31 11:46:18 +00:00
cwe-id : CWE-78
2024-03-23 09:28:19 +00:00
epss-score : 0.5071
epss-percentile : 0.97469
2023-09-06 11:59:08 +00:00
cpe : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
2022-09-14 16:27:45 +00:00
metadata :
2023-04-28 08:11:21 +00:00
max-request : 1
2023-07-11 19:49:27 +00:00
vendor : gitlab
product : gitlab
2023-09-06 11:59:08 +00:00
shodan-query : http.title:"GitLab"
2022-11-11 19:32:49 +00:00
tags : cve,cve2022,gitlab
2022-09-14 16:27:45 +00:00
2023-04-27 04:28:59 +00:00
http :
2022-09-14 16:27:45 +00:00
- method : GET
path :
- "{{BaseURL}}/users/sign_in"
redirects : true
max-redirects : 3
matchers :
- type : word
words :
- "003236d7e2c5f1f035dc8b67026d7583ee198b568932acd8faeac18cec673dfa"
- "1062bbba2e9b04e360569154a8df8705a75d9e17de1a3a9acd5bd20f000fec8b"
- "1832611738f1e31dd00a8293bbf90fce9811b3eea5b21798a63890dbc51769c8"
- "1ae98447c220181b7bd2dfe88018cb6e1b1e4d12d7b8c224d651a48ed2d95dfe"
- "1d765038b21c5c76ff8492561c29984f3fa5c4b8cfb3a6c7b216ac8ab18b78c7"
- "1d840f0c4634c8813d3056f26cbab7a685d544050360a611a9df0b42371f4d98"
- "2ea7e9be931f24ebc2a67091b0f0ff95ba18e386f3d312545bb5caaac6c1a8be"
- "301b60d2c71a595adfb65b22edee9023961c5190e1807f6db7c597675b0a61f0"
- "383b8952f0627703ada7774dd42f3b901ea2e499fd556fce3ae0c6d604ad72b7"
- "4f233d907f30a050ca7e40fbd91742d444d28e50691c51b742714df8181bf4e7"
- "50d9206410f00bb00cc8f95865ab291c718e7a026e7fdc1fc9db0480586c4bc9"
- "515dc29796a763b500d37ec0c765957a136c9e1f1972bb52c3d7edcf4b6b8bbe"
- "57e83f1a3cf7c0fe3cf2357802306688dab60cf6a30d00e14e67826070db92de"
- "5cd37ee959b5338b5fb48eafc6c7290ca1fa60e653292304102cc19a16cc25e4"
- "5df2cb13ec314995ea43d698e888ddb240dbc7ccb6e635434dc8919eced3e25f"
- "6a58066d1bde4b6e661fbd5bde83d2dd90615ab409b8c8c36e04954fbd923424"
- "6eb5eaa5726150b8135a4fd09118cfd6b29f128586b7fa5019a04f1c740e9193"
- "6fa9fec63ba24ec06fcae0ec30d1369619c2c3323fe9ddc4849af86457d59eef"
- "739a920f5840de93f944ec86c5a181d0205f1d9e679a4df1b9bf5b0882ab848a"
- "775f130d36e9eb14cb67c6a63551511b87f78944cebcf6cdddb78292030341df"
- "7d0792b17e1d2ccac7c6820dda1b54020b294006d7867b7d78a05060220a0213"
- "8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353"
- "90abf7746df5cb82bca9949de6f512de7cb10bec97d3f5103299a9ce38d5b159"
- "95ae8966ec1e6021f2553c7d275217fcfecd5a7f0b206151c5fb701beb7baf1e"
- "a4333a9de660b9fc4d227403f57d46ec275d6a6349a6f5bda0c9557001f87e5d"
- "a6d68fb0380bece011b0180b2926142630414c1d7a3e268fb461c51523b63778"
- "a743f974bacea01ccc609dcb79247598bd2896f64377ce4a9f9d0333ab7b274e"
- "a8bf3d1210afa873d9b9af583e944bdbf5ac7c8a63f6eccc3d6795802bd380d2"
- "ba74062de4171df6109c4c96da1ebe2b538bb6cc7cd55867cbdfba44777700e1"
- "c91127b2698c0a2ae0103be3accffe01995b8531bf1027ae4f0a8ad099e7a209"
- "cfa6748598b5e507db0e53906a7639e2c197a53cb57da58b0a20ed087cc0b9d5"
- "e539e07c389f60596c92b06467c735073788196fa51331255d66ff7afde5dfee"
- "f8ba2470fbf1e30f2ce64d34705b8e6615ac964ea84163c8a6adaaf8a91f9eac"
- "ff058b10a8dce9956247adba2e410a7f80010a236b2269fb53e0df5cd091e61d"
condition : or
extractors :
- type : regex
group : 1
regex :
- '(?:application-)(\S{64})(?:\.css)'
2024-03-25 11:57:16 +00:00
# digest: 4b0a00483046022100b4127186492776d7641a3e74b310dc16db32c61bcc8aaf0f5eed928c30579768022100a3666fdd83770c9f2bdb11e06228e33df10080c5bea500dad29a7d9ff311b7e1:922c64590222798bb761d5b6d8e72950
