CVE-2023-3907 | THREATINT

Description

A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner

PUBLISHED Reserved 2023-07-25 | Published 2023-12-17 | Updated 2026-05-31 | Assigner GitLab

MEDIUM: 4.9CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Problem types

CWE-286: Incorrect User Management

Product status

Default status

unaffected

16.0 (semver) before 16.4.4

affected

16.5 (semver) before 16.5.4

affected

16.6 (semver) before 16.6.2

affected

Credits

Thanks [ashish_r_padelkar](https://hackerone.com/ashish_r_padelkar) for reporting this vulnerability through our HackerOne bug bounty program finder

References

gitlab.com/gitlab-org/gitlab/-/issues/418878 (GitLab Issue #418878) issue-tracking

hackerone.com/reports/2058934 (HackerOne Bug Bounty Report #2058934) technical-description exploit

gitlab.com/gitlab-org/gitlab/-/issues/418878 (GitLab Issue #418878) issue-tracking

hackerone.com/reports/2058934 (HackerOne Bug Bounty Report #2058934) technical-description exploit permissions-required

cve.org (CVE-2023-3907)

nvd.nist.gov (CVE-2023-3907)

Download JSON