CVE-2017-0927

EPSS 0.8%CWE-285

Vexday Risk Score

3Low

SSVC decision (CISA)

Track

No exploitation signal → monitor

CVSS —EPSS 0.8%KEV nãoPoC —Nuclei —Metasploit —Patch —

Lifecycle

21 Mar 2018Published on NVD

Recommendation: Monitor — no exploitation signal at the moment.

Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users.

Affected products

GitLab · GitLab Community and Enterprise Editions

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://about.gitlab.com/2018/01/16/gitlab-10-dot-3-dot-4-released/https://gitlab.com/gitlab-org/gitlab-ce/issues/37594