CVE-2017-0922

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component…

hackerone·CWE-639·Published 2018-03-21

CVSS

—

EPSS

0.01

KEV

Exploits

cve.orgen

196 chars

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

NVDen

196 chars

Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object.

NVDes

209 chars

Gitlab Enterprise Edition 10.3 es vulnerable a un problema de omisión de autenticación en el componente GitLab Projects::BoardsController que resulta en la divulgación de información en cualquier objeto board.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:P/I:N/A:N
3.0	Primary	NVD	7.5	3.9	3.6	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N