GitLab.CVE-2021-22192.Remote.Code.Execution
Description
This indicates an attack attempt to exploit an Remote Code Execution Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE).
The vulnerability is due to insufficient check of the object. Successful exploitation could allow any user with push access to a wiki to execute arbitrary ruby code.
Affected Products
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) 13.2.0 prior to 13.7.9
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) 13.8.0 prior to 13.8.6
GitLab GitLab Community Edition (CE) and Enterprise Edition (EE) 13.9.0 prior to 13.9.4
Impact
System Compromise: Remote attacker can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22192.json
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |