CVE-2021-22221 Information
Jun 07, 2022
cve
Description
An issue has been discovered in GitLab affecting all versions starting from 12.9.0 before 13.10.5 all versions starting from 13.11.0 before 13.11.5 all versions starting from 13.12.0 before 13.12.2. Insufficient expired password validation in various operations allow user to maintain limited access after their password expired
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Reference
https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22221.json https://gitlab.com/gitlab-org/gitlab/-/issues/292006
Attack Complexity
LOW
Privileges Required
NONE
User Interaction Required
NONE
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
LOW
Availability Impact
LOW
Base Score
NONE
Base Severity
6.5
Share on: