An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5, all versions starting from 13.11.0 before 13.11.5, all versions starting from 13.12.0 before 13.12.2. Insufficient expired password validation in various operations allow user to maintain limited access after their password expired
References
Link | Resource |
---|---|
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22221.json | Vendor Advisory |
https://gitlab.com/gitlab-org/gitlab/-/issues/292006 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
15 Jun 2021, 18:30
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22221.json - Vendor Advisory | |
References | (MISC) https://gitlab.com/gitlab-org/gitlab/-/issues/292006 - Broken Link | |
CVSS |
v2 : v3 : |
v2 : 6.4
v3 : 6.5 |
CPE | cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:* cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:* |
|
CWE | CWE-613 |
08 Jun 2021, 19:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2021-06-08 19:15
Updated : 2024-02-04 21:47
NVD link : CVE-2021-22221
Mitre link : CVE-2021-22221
CVE.ORG link : CVE-2021-22221
JSON object : View
Products Affected
gitlab
- gitlab
CWE
CWE-613
Insufficient Session Expiration