Gitlab: CVE-2023-5009: Attacker can abuse scan execution policies to run pipelines as another user

Severity: 9
CVSS: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published: Sep 18, 2023
Added: Sep 25, 2023
Modified: Sep 26, 2023

Description

In GitLab CE/EE versions 13.12 through 16.2.7 and 16.3 through 16.3.4, an attacker can run pipelines as an arbitrary user via scheduled security scan policies. Instances running these versions are vulnerable only if direct transfers and security policies are both enabled. This is a bypass of CVE-2023-3932.
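As an added example (not part of the advisory), the following check encodes the affected version ranges and the two preconditions stated above, so an administrator can evaluate an instance's exposure from its reported version string and feature settings. The `-ee`/`-ce` suffix handling and the boolean inputs for the two settings are assumptions; the script does not query GitLab itself.

```python
"""Exposure check for CVE-2023-5009 based on the advisory's affected ranges."""
from __future__ import annotations

# Affected ranges taken from the advisory text; both ends are inclusive.
# "from 13.12" is read as 13.12.0 and "from 16.3" as 16.3.0.
AFFECTED_RANGES = (
    ((13, 12, 0), (16, 2, 7)),
    ((16, 3, 0), (16, 3, 4)),
)


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR[.PATCH]'; an edition suffix such as '-ee' is ignored.

    A missing patch component is treated as 0.
    """
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return (nums[0], nums[1], nums[2])


def version_affected(version: str) -> bool:
    """True if the version falls inside any affected range (inclusive)."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED_RANGES)


def instance_exposed(version: str, direct_transfers_enabled: bool,
                     security_policies_enabled: bool) -> bool:
    """Per the advisory, exposure requires a vulnerable version AND both
    direct transfers and security policies enabled."""
    return (version_affected(version)
            and direct_transfers_enabled
            and security_policies_enabled)


if __name__ == "__main__":
    # Constructed sample inputs; 16.2.8 and 16.3.5 are the first fixed releases.
    for ver in ("16.2.7-ee", "16.2.8", "16.3.4", "16.3.5", "13.11.9"):
        print(f"{ver:>10}: version affected = {version_affected(ver)}")
    print("exposed:", instance_exposed("16.3.4-ee", True, True))
```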

Solution

gitlab-upgrade-latest