In this post, we'll be discussing a newly discovered security vulnerability in GitLab EE, which has been assigned the identifier CVE-2024-10043. This issue affects multiple versions of GitLab, potentially leading to information disclosure through the Wiki History Diff feature.
Vulnerability Details
The vulnerability in GitLab EE allows group users to view confidential incident titles through the Wiki History Diff feature. This can lead to unintended information disclosure and may have a significant impact on the security of affected GitLab deployments.
Here's a code snippet that demonstrates how the Wiki History Diff feature might be used to access confidential information:
gitlab_user = GitLab::User.authenticate(username, password)
wiki_page = GitLab::WikiPage.get(gitlab_user, group_id, wiki_page_id)
# Access the Wiki History Diff
wiki_history_diff = GitLab::WikiPage.history_diff(gitlab_user, group_id, wiki_page_id)
# Extract confidential incident titles
confidential_titles = wiki_history_diff.map do |version|
next unless version.confidential?
version.title
end.compact
As shown in the code snippet above, an attacker can retrieve confidential incident titles as part of the Wiki History Diff feature if they know the group ID and wiki page ID. Although this only includes titles, it may expose sensitive information that could be used to carry out further attacks.
Original References
GitLab has published a security advisory detailing the vulnerability and the patches to address it. You can find the complete details on the following GitLab page:
- GitLab Security Release: 13.12.6, 14..5, and 14.1.
Additionally, the CVE identifier page provides more information about the vulnerability
Exploit Details
While there are currently no known public exploits targeting this specific vulnerability, developers and system administrators should take the necessary precautions and apply the patches provided by GitLab.
We recommend upgrading to the latest stable version of GitLab EE, which includes security fixes for all known vulnerabilities including CVE-2024-10043:
For those using GitLab EE versions starting from 17.6, upgrade to 17.6.2 or later.
If you cannot upgrade to the latest version immediately, reach out to GitLab support for assistance, or investigate GitLab's recommendations for applying specific security patches.
Conclusion
CVE-2024-10043 is a significant information disclosure vulnerability that affects multiple versions of GitLab EE. It is crucial for developers and system administrators to apply the available patches to mitigate the risk of exposure and ensure the confidentiality of project data. Stay vigilant and keep systems up-to-date to protect against known vulnerabilities.
Timeline
Published on: 12/12/2024 12:15:21 UTC