CVE-2023-3484

CVSS Score of 10 (low)

Details

Published Jul 21, 2023
Updated: Jul 31, 2023
CWE ID 840

Summary

CVE-2023-3484 is a vulnerability that affects all versions of GitLab EE starting from 12.8 before 15.11.11, 16.0 before 16.0.7, and 16.1 before 16.1.2. The vulnerability allows an attacker to change the name or path of a public top-level group under certain circumstances. This vulnerability has a base severity rating of MEDIUM and a base score of 6.5 according to NVD, and a base severity rating of HIGH and a base score of 8 according to GitLab. The potential danger it poses to an organization includes high integrity impact and low privileges required for exploitation, with potential for both high confidentiality and availability impacts depending on the context of the attack. Remediation can be achieved by updating GitLab EE to version 15.11.11, 16.0.7, or 16.1.2 or later versions that address this vulnerability. Note: The paragraph is based on the provided information and does not include any analysis or interpretation by the AI model as it states "analysis_description: None".

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3484 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options