PT-2021-22742 · Gitlab · Gitlab Ce/Ee

Published 2021-10-04 · Updated 2024-03-06 · CVE-2021-39896

CVSS v2.0: 5.5 (Medium)
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions

GitLab CE/EE versions 8.0 and later

Description

The issue arises when an admin uses the impersonate feature twice and then stops impersonating. This may cause the admin to be logged in as the second user they impersonated, potentially leading to repudiation issues.

Recommendations

For GitLab CE/EE versions 8.0 and later, update to a version that includes a fix for this issue to prevent potential repudiation issues. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

BIT-GITLAB-2021-39896
CVE-2021-39896

Affected Products

Gitlab
Gitlab Ce/Ee