GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote attackers to execute arbitrary code via a crafted change using SSH.
No CVSS v3.1
No CVSS v3.0
Access Vector Network
Access Complexity Medium
Authentication None
Confidentiality Impact Partial
Integrity Impact Partial
Availability Impact Partial
AV:N/AC:M/Au:N/C:P/I:P/A:P
Vendors | Products |
---|---|
Gitlab |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
Configuration 3 [-]
|
Configuration 4 [-]
|
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2013/11/15/4 | |
https://www.gitlab.com/2013/11/14/multiple-critical-vulnerabilities-in-gitlab/ | Patch Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-05-12T14:00:00
Updated: 2014-05-12T13:57:00
Reserved: 2013-06-12T00:00:00
Link: CVE-2013-4581
JSON object: View
NVD Information
Status : Analyzed
Published: 2014-05-12T14:55:05.290
Modified: 2014-05-12T18:29:38.827
Link: CVE-2013-4581
JSON object: View
Redhat Information
No data.
CWE