One Article Review
| Source |  Security Affairs |
|---|---|
| Identifiant | 4384181 |
| Date de publication | 2022-04-02 10:00:39 (vue: 2022-04-02 10:05:12) |
| Titre | Critical CVE-2022-1162 flaw in GitLab allowed threat actors to take over accounts |
| Texte | GitLab has addressed a critical vulnerability, tracked as CVE-2022-1162 (CVSS score of 9.1), that could allow remote attackers to take over user accounts. The CVE-2022-1162 vulnerability is related to the set of hardcoded static passwords during OmniAuth-based registration in GitLab CE/EE. “A hardcoded password was set for accounts registered using an OmniAuth provider (e.g. OAuth, LDAP, […] |
| Envoyé | Oui |
| Condensat | “a 1162 2022 accounts actors addressed allow allowed as cve attackers based ce/ee could critical cve cvss during flaw gitlab hardcoded has ldap oauth omniauth over password passwords provider registered registration related remote score set static take threat tracked user using vulnerability |
| Tags | Vulnerability Threat |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.