CVE-2022-3285

Description

Bypass of healthcheck endpoint allow list affecting all versions from 12.0 prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an unauthorized attacker to prevent access to GitLab

Related CPE's

agitlabgitlab15.4.0***enterprise***

agitlabgitlab15.4.0***community***

agitlabgitlab****community***

agitlabgitlab****enterprise***

agitlabgitlab****enterprise***

agitlabgitlab****community***

References

https://gitlab.com/gitlab-org/cves/-/blob/master/2022/CVE-2022-3285.json

Vendor Advisory

https://gitlab.com/gitlab-org/security/omnibus-gitlab/-/issues/64

Permissions RequiredVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics
Created by Yello
About Severity.io