• News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Sign in
Welcome!Log into your account
Forgot your password?
Privacy Policy
Password recovery
Recover your password
Search
Monday, March 20, 2023
Sign in
Welcome! Log into your account
Forgot your password? Get help
Privacy Policy
Password recovery
Recover your password
A password will be e-mailed to you.
ITSECURITYWIRE FAVCON ITSECURITYWIRE FAVCON ITSecurityWire
  • News
  • Interviews
  • Articles
  • Podcasts
  • Insights
    • Future Ready
    • Guest Post
    • Use Cases
    • Events
  • Quick Bytes
  • RESOURCES
Home Quick Bytes GitLab Patches Critical Account Takeover Flaw
  • Quick Bytes

GitLab Patches Critical Account Takeover Flaw

By
ITsec Bureau
-
April 5, 2022
63
GitLab Patches Critical Account Takeover Flaw-01

After fixing a severe account takeover vulnerability, GitLab has reset the passwords of some user accounts.

According to the firm, when an account was registered using an OmniAuth provider in GitLab Community Edition (CE) and Enterprise Edition (EE) versions prior to 14.7.7, 14.8.5, and 14.9.2, a hardcoded password was set.

The CVE-2022-1162 (CVSS score of 9.1) critical-severity flaw could allow attackers to take control of accounts. GitLab also reset the passwords of individuals who it believes were affected by the flaw, in addition to fixing the vulnerability.

Read More: https://www.securityweek.com/gitlab-patches-critical-account-takeover-vulnerability

  • TAGS
  • Account Takeover Flaw
  • GitLab
  • GitLab Community Edition
  • OmniAuth provider
  • risk management
Previous articleTurla-Connected Infrastructure Used By New Android Spyware
Next articleLogicGate Enhances Third-Party Cyber Risk Capabilities with Black Kite Integration
ITsec Bureau
https://itsecuritywire.com/
The ITSecurityWire Bureau has well-trained writers and journalists, well versed in the B2B Information technology industry, and constantly in touch with industry leaders for the latest trends, opinions, and other inputs in cybersecurity to bring you the best and latest in the domain.

RELATED ARTICLESMORE FROM AUTHOR

Latitude Financial Services Data Breach Affects 300,000 Customers

Latitude Financial Services Data Breach Affects 300,000 Customers

Project Zero Revealed Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Attacks

Project Zero Revealed Samsung Mobile Chipsets Vulnerable to Baseband Code Execution Attacks

Mozilla Patches High-Severity Vulnerabilities with the Launch of Firefox 111

Mozilla Patches High-Severity Vulnerabilities with the Launch of Firefox 111

Latest posts

Wiz

Wiz Introduces Free Cloud Framework to Drive Community-Backed Security

December 15, 2022
Cybersecurity Thought Leaders Kate Fazzini and John Shegerian Launch Insecurity of Everything Column-01

Cybersecurity Thought Leaders Kate Fazzini and John Shegerian Launch “Insecurity of Everything” Column

October 28, 2021
Balbix Appoints Chris van Staden as Chief Revenue Officer-01

Balbix Appoints Chris van Staden as Chief Revenue Officer

January 28, 2022
Intel-471-Introduces-The-471-Cyber-Threat-Report

Intel 471 Introduces The 471 Cyber Threat Report

August 5, 2022
Employee Security Error

Stress, Pressure, and Fatigue are resulting in Employee Security Error

July 23, 2020


An invaluable resource for all your IT security initiatives and assets.

Knowledge sharing platform for all IT security needs and plans. Peer to peer conversations that leverage industry experts and leaders for ideas, opinions and business insights.

Media@ITSecurityWire.com
Sales@ITSecurityWire.com

Recent Posts

  • Absolute Software Named Gold Winner in 2023 Cybersecurity Excellence Awards
  • Latitude Financial Services Data Breach Affects 300,000 Customers
  • Tips for Selecting the Right Cybersecurity Insurance
  • Six Cybersecurity Intrusions Businesses Must Address
  • Silverfort recognized as a Microsoft Security Excellence Awards finalist for Zero Trust Champion and Security ISV of the Year

Visit Our Other Publication

Quick Links

  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Privacy Policy
  • Do Not Sell My Information
  • About Us
  • News
  • Featured Articles
  • Featured Interview
  • Guest Post
  • Privacy Policy
  • Do Not Sell My Information
An Imprint of OnDot ® Media © | All rights reserved | Privacy Policy