GitLab has moved to address a critical security flaw in its service that, if exploited successfully, could lead to an account takeover.
Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company. The security flaw affects all versions of GitLab Enterprise Edition (EE) from 11.10 before 14.9.5, all versions from 14.10 before 14.10.4, and all versions from 15.0 before 15.0.1.
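As an added illustration, not code from GitLab or from the article, the following Python helper turns the three affected version ranges quoted above into a triage check for an inventory of GitLab EE instances. It takes a version string as reported by an instance and says whether that version lies in a vulnerable range and which release on that branch closes it. The handling of a trailing `-ee` suffix is an assumption about how GitLab reports its version; the ranges themselves are the ones the advisory lists.

```python
from typing import Optional, Tuple

# Affected ranges for CVE-2022-1680 as (first affected, first fixed) tuples,
# taken from the advisory text: 11.10 <= v < 14.9.5, 14.10 <= v < 14.10.4,
# 15.0 <= v < 15.0.1. The upper bound of each range is the fixed release.
AFFECTED_RANGES = [
    ((11, 10, 0), (14, 9, 5)),
    ((14, 10, 0), (14, 10, 4)),
    ((15, 0, 0), (15, 0, 1)),
]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse 'MAJOR.MINOR[.PATCH][-suffix]' into a comparable tuple.

    A missing patch component counts as 0, so '11.10' sorts as 11.10.0.
    The '-ee' style suffix is assumed and simply dropped.
    """
    core = text.strip().split("-")[0]
    parts = core.split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def is_affected(version: str) -> bool:
    """True if the version falls inside any of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v < hi for lo, hi in AFFECTED_RANGES)


def minimum_fix(version: str) -> Optional[str]:
    """Return the first fixed release covering this version, or None if not affected."""
    v = parse_version(version)
    for lo, hi in AFFECTED_RANGES:
        if lo <= v < hi:
            return ".".join(str(n) for n in hi)
    return None


if __name__ == "__main__":
    # Constructed sample inventory; these are not real hosts.
    inventory = {"git-a.example": "14.9.4-ee", "git-b.example": "14.10.4-ee",
                 "git-c.example": "15.0.0-ee", "git-d.example": "11.9.9-ee"}
    for host, ver in inventory.items():
        fix = minimum_fix(ver)
        status = f"AFFECTED, upgrade to {fix}" if fix else "not in an affected range"
        print(f"{host:16} {ver:12} {status}")
```

A match here only means the code in that release carries the flaw; per the advisory the account takeover additionally needs group SAML SSO with SCIM enabled and accounts without 2FA, so the version check is the first filter for prioritising upgrades, not a statement that a given instance was exploitable.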
“When SAML SSO for groups is configured, the SCIM feature (available on Premium+ plans only) can allow any Premium group owner to invite random users through their username and email, then change the email addresses of those users via SCIM to an attacker-managed email address and thus — in the absence of 2FA — take over those accounts,” GitLab said.
After this is accomplished, a malicious actor could also change the target account’s display name and username, the DevOps platform provider warned in its advisory published June 1, 2022.
Also fixed by GitLab in versions 15.0.1, 14.10.4, and 14.9.5 are seven other security vulnerabilities: two rated high, four moderate, and one low in severity.
Users running an installation affected by the aforementioned bugs are advised to upgrade to the latest version as soon as possible.