Alert number: KAIFA-KSIRT-202412-05
Published: 2024/12/05
Updated: 2024/12/05
1. Vulnerability Overview
GitLab is an open source repository management system that uses Git as its code management tool; public and private projects are accessed through a web interface.
A privilege escalation vulnerability (CVE-2024-8114) was recently fixed in GitLab Community Edition (CE) and Enterprise Edition (EE). The vulnerability can be exploited to escalate privileges, which may lead to the leakage of sensitive information or the execution of unauthorized operations.
Affected users are advised to inspect their assets and take preventive measures to avoid attacks.
2. Versions and Fixes
Affected Products | Patched version | Affected versions
GitLab            | 17.4.5          | 8.12 <= GitLab CE/EE < 17.4.5
GitLab            | 17.5.3          | 17.5 <= GitLab CE/EE < 17.5.3
GitLab            | 17.6.1          | 17.6 <= GitLab CE/EE < 17.6.1
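As an added illustration (not part of this advisory and not GitLab's own tooling), the following Python script encodes the version ranges from the table above and reports whether a given GitLab CE/EE version string falls inside an affected range and which patched release to upgrade to. The function names and the host names and versions in the sample inventory are constructed for the example.

```python
"""Check GitLab CE/EE version strings against the CVE-2024-8114 affected ranges.

Added example, not part of the KAIFA advisory or of GitLab's own tooling.
The ranges below are transcribed from the advisory's version table; the
function names and the sample inventory are constructed for illustration.
"""
from typing import Dict, Optional, Tuple

Version = Tuple[int, ...]

# (lower bound inclusive, upper bound exclusive, patched release), per the table.
AFFECTED_RANGES = [
    ((8, 12), (17, 4, 5), "17.4.5"),
    ((17, 5), (17, 5, 3), "17.5.3"),
    ((17, 6), (17, 6, 1), "17.6.1"),
]

# Constructed sample inventory (hostname -> reported GitLab version).
SAMPLE_HOSTS = {
    "git-prod-1": "17.4.2-ee",
    "git-prod-2": "17.5.3-ee",
    "git-lab": "17.6.0-ce",
    "git-legacy": "8.11.9",
}


def parse_version(text: str) -> Version:
    """Parse '17.4.2' or '17.4.2-ee' into a comparable tuple (17, 4, 2).

    Edition suffixes (-ce/-ee) and build metadata (+...) are discarded, since
    only the numeric release is relevant to the affected ranges.
    """
    core = text.strip().split("-", 1)[0].split("+", 1)[0]
    parts = core.split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(p) for p in parts)


def _pad(v: Version, width: int = 3) -> Version:
    """Right-pad with zeros so '17.5' compares as (17, 5, 0)."""
    return v + (0,) * (width - len(v))


def check_version(text: str) -> Optional[str]:
    """Return the patched release to upgrade to if `text` is affected, else None."""
    v = _pad(parse_version(text))
    for lo, hi, patched in AFFECTED_RANGES:
        if _pad(lo) <= v < _pad(hi):
            return patched
    return None


def audit(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map each host in the inventory to a one-line status for CVE-2024-8114."""
    result = {}
    for host, version in inventory.items():
        patched = check_version(version)
        result[host] = f"affected, upgrade to {patched}" if patched else "not affected"
    return result


if __name__ == "__main__":
    for host, status in audit(SAMPLE_HOSTS).items():
        print(f"{host:12} {SAMPLE_HOSTS[host]:12} {status}")
```

Feed `audit()` the versions reported by your own instances (for example from the GitLab admin UI or the version endpoint of each host) to get a quick fleet-wide answer; the first range deliberately starts at 8.12.0 because the advisory lists 8.12 as the lowest affected release.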
3. Impact and Consequences
Under certain conditions, an attacker can trigger a pipeline as another user.
4. Vulnerability Scoring
The vulnerability is graded using the KAIFA AMI scoring rules.
Final score: 8.2
5. Technical Details
Exploiting the vulnerability requires the attacker to first obtain the personal access token (PAT) of the target user.
Vulnerability details:
A privilege escalation vulnerability (CVE-2024-8114) was recently fixed in GitLab Community Edition (CE) and Enterprise Edition (EE). Because GitLab managed the permissions of LFS tokens improperly, an attacker who has obtained the target user's personal access token (PAT) can further abuse the LFS token generated from that PAT to escalate privileges, which may lead to sensitive information leakage or unauthorized operations.
6. Workarounds
None.
7. How to Obtain the Fixed Version
Services that support automatic updates will receive a system update prompt, and users can perform the system update to fix the vulnerability. Alternatively, users can manually download the fixed version from the official website and update.
8. Vulnerability Source
Vendor notification
9. Update Records
KAIFA-KSIRT-Initial
10. FAQs
None.
11. KAIFA External Security Response Services
KAIFA has always advocated doing its utmost to protect the ultimate interests of product users, following the principle of responsible disclosure of security incidents, and handling product security issues through its product security issue handling process.
12. Statement
This document is provided "as is" without any express, implied or statutory warranty, including (but not limited to) the warranty of merchantability, fitness for purpose and non-infringement. In no event shall KAIFA or its directly or indirectly controlled subsidiaries, or its suppliers, be liable for any loss, including direct, indirect, incidental, consequential loss of business profits or special damages. You shall bear all legal liabilities arising from the use of this document in any way. KAIFA may modify or update the content and information contained in this document at any time.