
CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks


Ongoing intrusions targeting GitLab instances affected by the maximum-severity account takeover vulnerability tracked as CVE-2023-7028 have prompted the Cybersecurity and Infrastructure Security Agency to add the flaw to its Known Exploited Vulnerabilities catalog, with federal agencies given until May 22 to remediate it, reports BleepingComputer.

CISA has not released further details about the attacks. The flaw lets an attacker have a user's password reset email delivered to an unverified email address of the attacker's choosing, after which the account can be taken over; per GitLab's January advisory, accounts with two-factor authentication enabled remain protected from login even if the password is reset. CISA did note, however, that it has no indication of the flaw being exploited in ransomware incidents.

"These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise," said CISA. The listing comes as Shadowserver found more than 2,000 internet-exposed GitLab instances still unpatched against CVE-2023-7028, fewer than half of the vulnerable instances it identified in January, when GitLab issued the fixes.
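Two checks an administrator of a self-managed instance would want at this point, written here as an added example (not code from the SC Media article, GitLab or CISA): a version test against the affected ranges for CVE-2023-7028, and a scan of GitLab's production_json.log for the indicator GitLab's January 2024 advisory told administrators to look for, a single password-reset request carrying more than one email address. The patched release numbers and the log indicator come from that public advisory; the log lines in the block are constructed samples that follow the production_json.log field layout, not real captures.

```python
"""Added example: CVE-2023-7028 version check and password-reset log scan.

Patched releases and the multi-address reset indicator are from GitLab's
January 2024 advisory for CVE-2023-7028. The sample log lines are constructed
for this example, not captured from a real instance.
"""
import json
import re
from typing import Iterable, List, Optional, Tuple

# First fixed patch level on each affected 16.x branch (GitLab advisory).
# The bug was introduced in 16.1.0; branches outside 16.1-16.7 are either
# pre-bug or were released after the fix.
PATCHED = {
    (16, 1): 6,
    (16, 2): 9,
    (16, 3): 7,
    (16, 4): 5,
    (16, 5): 6,
    (16, 6): 4,
    (16, 7): 2,
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")


def parse_version(version: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from strings such as '16.5.3' or '16.5.3-ee'."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_vulnerable(version: str) -> bool:
    """True if the GitLab version lies inside an affected CVE-2023-7028 range."""
    v = parse_version(version)
    if v is None:
        raise ValueError(f"unrecognised GitLab version string: {version!r}")
    major, minor, patch = v
    fixed_patch = PATCHED.get((major, minor))
    if fixed_patch is None:
        return False
    return patch < fixed_patch


def _reset_emails(entry: dict) -> List[str]:
    """Extract the email value(s) submitted in a POST to /users/password."""
    if entry.get("method") != "POST" or entry.get("path") != "/users/password":
        return []
    # production_json.log records params as a list of {"key":..., "value":...}.
    for param in entry.get("params", []):
        if param.get("key") == "user" and isinstance(param.get("value"), dict):
            email = param["value"].get("email")
            if isinstance(email, list):
                return [str(e) for e in email]
            if isinstance(email, str):
                return [email]
    return []


def find_suspicious_resets(lines: Iterable[str]) -> List[dict]:
    """Return reset requests whose email parameter was an array with more than
    one address, the pattern GitLab associates with CVE-2023-7028 attempts."""
    hits = []
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip non-JSON noise rather than abort the scan
        emails = _reset_emails(entry)
        if len(emails) > 1:
            hits.append({"time": entry.get("time"),
                         "remote_ip": entry.get("remote_ip"),
                         "emails": emails})
    return hits


# Constructed sample lines (not real log data): one normal reset, one reset
# carrying two addresses, one unrelated request, one non-JSON line.
SAMPLE_LOG = [
    '{"method":"POST","path":"/users/password","time":"2024-01-12T08:01:11.000Z",'
    '"remote_ip":"198.51.100.7","params":[{"key":"authenticity_token","value":"[FILTERED]"},'
    '{"key":"user","value":{"email":"alice@example.com"}}],"status":302}',
    '{"method":"POST","path":"/users/password","time":"2024-01-12T08:02:45.000Z",'
    '"remote_ip":"203.0.113.9","params":[{"key":"authenticity_token","value":"[FILTERED]"},'
    '{"key":"user","value":{"email":["admin@example.com","attacker@example.net"]}}],"status":302}',
    '{"method":"GET","path":"/users/sign_in","time":"2024-01-12T08:03:00.000Z",'
    '"remote_ip":"203.0.113.9","params":[],"status":200}',
    'not json at all',
]

if __name__ == "__main__":
    for v in ("16.5.3", "16.5.6", "16.7.1-ee", "16.8.0", "15.11.13"):
        print(v, "VULNERABLE" if is_vulnerable(v) else "not affected")
    for hit in find_suspicious_resets(SAMPLE_LOG):
        print("suspicious reset request:", hit)
```

On a real instance the version string comes from the `/api/v4/version` endpoint or `gitlab-rake gitlab:env:info`, and the log to feed `find_suspicious_resets` is `/var/log/gitlab/gitlab-rails/production_json.log`; a hit means the reset was requested, not necessarily that the account was taken over, so the next step is to check which addresses received the email and whether the target had two-factor authentication enabled.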
