CVE-2021-22214 Scanner
Detects a Server-Side Request Forgery (SSRF) vulnerability in GitLab affecting versions from 10.5 to 13.10.5, from 13.11 to 13.11.5, and from 13.12 to 13.12.2.
Short Info
Level: High
Type: Single Scan
Can be used by: Asset Owner
Estimated Time: 15 sec
Scan only one: Domain, IPv4
Parent Category
CVE-2021-22214 Scanner Detail
GitLab is a web-based Git repository manager that is used for version control, source code management, and continuous integration and delivery. It enables developers to collaborate on code, track bugs, and monitor performance, all from a single platform.
A critical vulnerability, CVE-2021-22214, has been detected in GitLab CE/EE that affects all versions starting from 10.5. When requests to the internal network for webhooks are enabled, it allows an unauthenticated attacker to exploit a server-side request forgery flaw, even on a GitLab instance where registration is limited.
When this vulnerability is exploited, it can lead to malicious actors gaining unauthorized access to sensitive data stored on the GitLab instance. This includes confidential source code, customer information, and other sensitive business data that could be used for cyber espionage, corporate espionage, or ransomware attacks.
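For asset owners triaging their own instances, the following added example (not part of the scanner or of GitLab) checks a version string against the ranges listed above and combines it with the webhook precondition. It assumes the upper bound of each range is the first fixed release, and that the setting key is the one returned by GitLab's application settings API; the function names and inventory are hypothetical.

```python
import re

# Affected ranges as listed on this page: (first affected, upper bound).
# Assumption: each upper bound is the first fixed release, so it is excluded.
AFFECTED_RANGES = [
    ((10, 5, 0), (13, 10, 5)),
    ((13, 11, 0), (13, 11, 5)),
    ((13, 12, 0), (13, 12, 2)),
]

# Assumption: key name as returned by GET /api/v4/application/settings.
LOCAL_HOOK_SETTING = "allow_local_requests_from_web_hooks_and_services"


def parse_version(text):
    """Turn '13.10.4-ee' or 'v13.11' into a (major, minor, patch) tuple."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised GitLab version: {text!r}")
    return tuple(int(p or 0) for p in m.groups())


def in_affected_range(version_text):
    """True when the version falls inside one of the ranges above."""
    v = parse_version(version_text)
    return any(low <= v < high for low, high in AFFECTED_RANGES)


def triage(version_text, settings):
    """Classify one instance from its version and exported settings."""
    if not in_affected_range(version_text):
        return "not-affected"
    flag = settings.get(LOCAL_HOOK_SETTING)
    if flag is None:
        return "affected-unknown"  # setting not collected: review by hand
    return "affected-exposed" if flag else "affected-precondition-off"


if __name__ == "__main__":
    # Constructed inventory for illustration, not real hosts.
    inventory = [
        ("git-a.example", "13.10.4-ee", {LOCAL_HOOK_SETTING: True}),
        ("git-b.example", "13.11.2", {LOCAL_HOOK_SETTING: False}),
        ("git-c.example", "13.12.2", {}),
    ]
    for host, version, settings in inventory:
        print(host, version, triage(version, settings))
```

An instance reported as affected-precondition-off still runs an affected version and should be upgraded.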
Thanks to the pro features of the securityforeveryone.com platform, those who are concerned about the security of their digital assets can easily and quickly learn about vulnerabilities and receive real-time alerts to mitigate risks in a timely manner. By staying informed and taking proactive measures, businesses can better protect their digital assets and reduce the risk of cyber attacks.