Virtual Event Now Live: Zero Trust Strategies Summit! - Login for Access
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

GitLab Patches Critical Authentication Bypass Vulnerability

GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances.

Security updates released on Wednesday for GitLab Community Edition (CE) and Enterprise Edition (EE) resolve a critical-severity vulnerability leading to authentication bypass.

The issue, tracked as CVE-2024-45409 (CVSS score of 10/10), only affects GitLab CE/EE instances that have been configured to use SAML-based authentication.

An XML-based markup language for security assertions, SAML uses the Ruby SAML library in the OmniAuth SAML gem to implement the client side of the SAML authorization, and the library is vulnerable to signature wrapping.

“Ruby-SAML in <= 12.2 and 1.13.0 <= 1.16.0 does not properly verify the signature of the SAML response. An unauthenticated attacker with access to any signed SAML document (by the IdP) can thus forge a SAML response/assertion with arbitrary contents. This would allow the attacker to log in as an arbitrary user within the vulnerable system,” the library’s maintainers explain.

The vulnerability does not affect Ruby SAML version 1.12.3 and was addressed in version 1.17.0 of the library, which was included in OmniAuth SAML version 2.2.1.

To prevent the exploitation of CVE-2024-45409, users should enable GitLab two-factor authentication (2FA) for all user accounts on their self-managed instances (identity provider multi-factor authentication does not mitigate the flaw) and not allow the SAML two-factor bypass option on the code collaboration platform, GitLab notes in its advisory.

The platform has also provided indicators of compromise (IoCs) to help users hunt for potential exploitation attempts targeting this vulnerability.

GitLab CE/EE versions 17.3.3, 17.2.7, 17.1.8, 17.0.8, and 16.11.10 update both dependencies to address the authentication bypass. Users are advised to update their GitLab CE/EE installations as soon as possible. Dedicated GitLab instances have been automatically upgraded.

Advertisement. Scroll to continue reading.

Related: GitLab Security Update Patches Critical Vulnerability

Related: Critical Authentication Flaw Haunts GitHub Enterprise Server

Related: Potential RCE Flaw Patched in PyPI’s GitHub Repository

Related: GitLab Acquires Security Companies Peach Tech and Fuzzit

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join SecurityWeek and Hitachi Vantara for this this webinar to gain valuable insights and actionable steps to enhance your organization's data security and resilience.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Former Darktrace CEO Poppy Gustafsson has joined the UK government as Minister for Investment.

Nupur Goyal has joined cloud identity security and management solutions provider Saviynt as VP of Product Marketing.

Threat intelligence firm Intel 471 has appointed Mark Huebeler as its COO and CFO.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.