6.8

CVE-2013-4580

GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.

Data is provided by the National Vulnerability Database (NVD)
GitlabGitlab Version <= 5.4.1
GitlabGitlab Version0.8.0
GitlabGitlab Version0.9.1
GitlabGitlab Version0.9.4
GitlabGitlab Version0.9.6
GitlabGitlab Version1.0.0
GitlabGitlab Version1.0.1
GitlabGitlab Version1.0.2
GitlabGitlab Version1.1.0
GitlabGitlab Version1.2.0
GitlabGitlab Version1.2.1
GitlabGitlab Version1.2.2
GitlabGitlab Version2.0.0
GitlabGitlab Version2.1.0
GitlabGitlab Version2.2.0
GitlabGitlab Version2.3.0
GitlabGitlab Version2.3.1
GitlabGitlab Version2.4.0
GitlabGitlab Version2.5.0
GitlabGitlab Version2.6.0
GitlabGitlab Version2.7.0
GitlabGitlab Version2.8.0
GitlabGitlab Version2.8.1
GitlabGitlab Version2.9.0
GitlabGitlab Version2.9.1
GitlabGitlab Version3.0.0
GitlabGitlab Version3.0.1
GitlabGitlab Version3.0.2
GitlabGitlab Version3.0.3
GitlabGitlab Version3.1.0
GitlabGitlab Version4.0.0
GitlabGitlab Version4.1.0
GitlabGitlab Version4.2.0
GitlabGitlab Version5.0.0
GitlabGitlab Version5.0.1
GitlabGitlab Version5.1.0
GitlabGitlab Version5.2.0
GitlabGitlab Version5.3.0
GitlabGitlab Version5.4.0
GitlabGitlab SwEditioncommunity Version <= 6.2.3
GitlabGitlab Version0.8.0 SwEditioncommunity
GitlabGitlab Version0.9.1 SwEditioncommunity
GitlabGitlab Version0.9.4 SwEditioncommunity
GitlabGitlab Version0.9.6 SwEditioncommunity
GitlabGitlab Version1.0.0 SwEditioncommunity
GitlabGitlab Version1.0.1 SwEditioncommunity
GitlabGitlab Version1.0.2 SwEditioncommunity
GitlabGitlab Version1.1.0 SwEditioncommunity
GitlabGitlab Version1.2.0 SwEditioncommunity
GitlabGitlab Version1.2.1 SwEditioncommunity
GitlabGitlab Version1.2.2 SwEditioncommunity
GitlabGitlab Version2.0.0 SwEditioncommunity
GitlabGitlab Version2.1.0 SwEditioncommunity
GitlabGitlab Version2.2.0 SwEditioncommunity
GitlabGitlab Version2.3.0 SwEditioncommunity
GitlabGitlab Version2.3.1 SwEditioncommunity
GitlabGitlab Version2.4.0 SwEditioncommunity
GitlabGitlab Version2.5.0 SwEditioncommunity
GitlabGitlab Version2.6.0 SwEditioncommunity
GitlabGitlab Version2.7.0 SwEditioncommunity
GitlabGitlab Version2.8.0 SwEditioncommunity
GitlabGitlab Version2.8.1 SwEditioncommunity
GitlabGitlab Version2.9.0 SwEditioncommunity
GitlabGitlab Version2.9.1 SwEditioncommunity
GitlabGitlab Version3.0.0 SwEditioncommunity
GitlabGitlab Version3.0.1 SwEditioncommunity
GitlabGitlab Version3.0.2 SwEditioncommunity
GitlabGitlab Version3.0.3 SwEditioncommunity
GitlabGitlab Version3.1.0 SwEditioncommunity
GitlabGitlab Version4.0.0 SwEditioncommunity
GitlabGitlab Version4.1.0 SwEditioncommunity
GitlabGitlab Version4.2.0 SwEditioncommunity
GitlabGitlab Version5.0.0 SwEditioncommunity
GitlabGitlab Version5.0.1 SwEditioncommunity
GitlabGitlab Version5.1.0 SwEditioncommunity
GitlabGitlab Version5.2.0 SwEditioncommunity
GitlabGitlab Version5.3.0 SwEditioncommunity
GitlabGitlab Version5.4.0 SwEditioncommunity
GitlabGitlab Version5.4.1 SwEditioncommunity
GitlabGitlab Version5.4.2 SwEditioncommunity
GitlabGitlab Version6.0.0 SwEditioncommunity
GitlabGitlab Version6.1.0 SwEditioncommunity
GitlabGitlab Version6.2.0 SwEditioncommunity
GitlabGitlab Version6.2.1 SwEditioncommunity
GitlabGitlab Version6.2.2 SwEditioncommunity
GitlabGitlab SwEditionenterprise Version <= 6.2.0
GitlabGitlab Version0.8.0 SwEditionenterprise
GitlabGitlab Version0.9.1 SwEditionenterprise
GitlabGitlab Version0.9.4 SwEditionenterprise
GitlabGitlab Version0.9.6 SwEditionenterprise
GitlabGitlab Version1.0.0 SwEditionenterprise
GitlabGitlab Version1.0.1 SwEditionenterprise
GitlabGitlab Version1.0.2 SwEditionenterprise
GitlabGitlab Version1.1.0 SwEditionenterprise
GitlabGitlab Version1.2.0 SwEditionenterprise
GitlabGitlab Version1.2.1 SwEditionenterprise
GitlabGitlab Version1.2.2 SwEditionenterprise
GitlabGitlab Version2.0.0 SwEditionenterprise
GitlabGitlab Version2.1.0 SwEditionenterprise
GitlabGitlab Version2.2.0 SwEditionenterprise
GitlabGitlab Version2.3.0 SwEditionenterprise
GitlabGitlab Version2.3.1 SwEditionenterprise
GitlabGitlab Version2.4.0 SwEditionenterprise
GitlabGitlab Version2.5.0 SwEditionenterprise
GitlabGitlab Version2.6.0 SwEditionenterprise
GitlabGitlab Version2.7.0 SwEditionenterprise
GitlabGitlab Version2.8.0 SwEditionenterprise
GitlabGitlab Version2.8.1 SwEditionenterprise
GitlabGitlab Version2.9.0 SwEditionenterprise
GitlabGitlab Version2.9.1 SwEditionenterprise
GitlabGitlab Version3.0.0 SwEditionenterprise
GitlabGitlab Version3.0.1 SwEditionenterprise
GitlabGitlab Version3.0.2 SwEditionenterprise
GitlabGitlab Version3.0.3 SwEditionenterprise
GitlabGitlab Version3.1.0 SwEditionenterprise
GitlabGitlab Version4.0.0 SwEditionenterprise
GitlabGitlab Version4.1.0 SwEditionenterprise
GitlabGitlab Version4.2.0 SwEditionenterprise
GitlabGitlab Version5.0.0 SwEditionenterprise
GitlabGitlab Version5.0.1 SwEditionenterprise
GitlabGitlab Version5.1.0 SwEditionenterprise
GitlabGitlab Version5.2.0 SwEditionenterprise
GitlabGitlab Version5.3.0 SwEditionenterprise
GitlabGitlab Version5.4.0 SwEditionenterprise
GitlabGitlab Version5.4.1 SwEditionenterprise
GitlabGitlab Version5.4.2 SwEditionenterprise
GitlabGitlab Version6.0.0 SwEditionenterprise
GitlabGitlab Version6.1.0 SwEditionenterprise
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.1% 0.275
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.