CVE-2019-9756 | SynScan

Vulnerability Database

289,784

Total vulnerabilities in the database

CVE-2019-9756

An issue was discovered in GitLab Community and Enterprise Edition 10.x (starting from 10.8) and 11.x before 11.6.10, 11.7.x before 11.7.6, and 11.8.x before 11.8.1. It has Incorrect Access Control, a different vulnerability than CVE-2019-9732.

Published: Apr 17, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-9756
Severity: Critical
Exploit:

CVSS v3:

Severity: Critical
Score: 9.8
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-639

OWASP TOP 10:

A5 - Broken Access Control

Affected Software
References

Software	From	Fixed in
gitlab / gitlab	11.8.0	11.8.1
gitlab / gitlab	10.8.0	10.8.7.x
gitlab / gitlab	11.0.0	11.6.10