CVE-2023-3484

Summary

CVE-2023-3484 is a vulnerability that affects all versions of GitLab EE starting from 12.8 before 15.11.11, 16.0 before 16.0.7, and 16.1 before 16.1.2. The vulnerability allows an attacker to change the name or path of a public top-level group under certain circumstances. This vulnerability has a base severity rating of MEDIUM and a base score of 6.5 according to NVD, and a base severity rating of HIGH and a base score of 8 according to GitLab. The potential danger it poses to an organization includes high integrity impact and low privileges required for exploitation, with potential for both high confidentiality and availability impacts depending on the context of the attack. Remediation can be achieved by updating GitLab EE to version 15.11.11, 16.0.7, or 16.1.2 or later versions that address this vulnerability. Note: The paragraph is based on the provided information and does not include any analysis or interpretation by the AI model as it states "analysis_description: None".

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.