An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious group or project maintainers to change their corresponding group or project visibility by crafting a malicious POST request.

The version of GitLab installed on the remote host is affected by a vulnerability, as follows:

  - An issue has been discovered in GitLab CE/EE affecting all versions before 15.0.5, all versions starting     from 15.1 before 15.1.4, all versions starting from 15.2 before 15.2.1. It may be possible for malicious     group or project maintainers to change their corresponding group or project visibility by crafting a     malicious POST request. (CVE-2022-2456)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 4c26f668-0fd2-11ed-a83d-001b217b3468 advisory.

  - Gitlab reports: Revoke access to confidential notes todos Pipeline subscriptions trigger new pipelines     with the wrong author Ability to gain access to private project through an email invite by using other     user's email address as an unverified secondary email Import via git protocol allows to bypass checks on     repository Unauthenticated IP allowlist bypass when accessing job artifacts through GitLab Pages     Maintainer can leak Packagist and other integration access tokens by changing integration URL     Unauthenticated access to victims Grafana datasources through path traversal Unauthorized users can filter     issues by contact and organization Malicious Maintainer may change the visibility of project or a group     Stored XSS in job error messages Enforced group MFA can be bypassed when using Resource Owner Password     Credentials grant Non project members can view public project's Deploy Keys IDOR in project with Jira     integration leaks project owner's other projects Jira issues Group Bot Users and Tokens not deleted after     group deletion Email invited members can join projects even after the member lock has been enabled Datadog     integration returns user emails (CVE-2022-2095, CVE-2022-2303, CVE-2022-2307, CVE-2022-2326,     CVE-2022-2417, CVE-2022-2456, CVE-2022-2459, CVE-2022-2497, CVE-2022-2498, CVE-2022-2499, CVE-2022-2500,     CVE-2022-2501, CVE-2022-2512, CVE-2022-2531, CVE-2022-2534, CVE-2022-2539)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

ID	Name	Product	Family	Severity
163838	GitLab 0.0 < 15.0.5 / 15.1 < 15.1.4 / 15.2 < 15.2.1 (CVE-2022-2456)	Nessus	CGI abuses	low
163649	FreeBSD : Gitlab -- multiple vulnerabilities (4c26f668-0fd2-11ed-a83d-001b217b3468)	Nessus	FreeBSD Local Security Checks	high

Detections

Analytics

CVE-2022-2456

low

Tenable Plugins

low

high