CVE-2020-13308

Low

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could…

GitLab·CWE-281·Published 2020-09-15

CVSS

2.7

EPSS

0.02

KEV

Exploits

cve.orgen

251 chars

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authentication enabled could be prohibited from accessing GitLab by being invited into a project that had 2 factor authentication inheritance.

NVDen

251 chars

NVDes

277 chars

Se detectó una vulnerabilidad en GitLab versiones anteriores a 13.1.10, 13.2.8 y 13.3.4. A un usuario sin la autenticación de 2 factores habilitada se le podría prohibir el acceso a GitLab al ser invitado a un proyecto que tenía una herencia de autenticación de 2 factores

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	4.0	8.0	2.9	AV:N/AC:L/Au:S/C:N/I:N/A:P
3.1	Primary	cve.org	2.7	—	—	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L