CVE-2024-12093

An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.

CVSS v3 6.8 MEDIUM

6.8^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.6 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/507445	Exploit Issue Tracking
https://hackerone.com/reports/2851261	Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::community:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:18.0.0::::community:::
	cpe:2.3:a:gitlab:gitlab:18.0.0::::enterprise:::

History

08 Aug 2025, 18:37

Type	Values Removed	Values Added
First Time		Gitlab Gitlab gitlab
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/507445 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/507445 - Exploit, Issue Tracking
References	~~() https://hackerone.com/reports/2851261 -~~	() https://hackerone.com/reports/2851261 - Permissions Required
CPE		cpe:2.3:a:gitlab:gitlab:::::community:::* cpe:2.3:a:gitlab:gitlab:::::enterprise:::* cpe:2.3:a:gitlab:gitlab:18.0.0::::community::: cpe:2.3:a:gitlab:gitlab:18.0.0::::enterprise:::

23 May 2025, 15:55

Type	Values Removed	Values Added
Summary		(es) Se ha detectado un problema en GitLab CE/EE que afecta a todas las versiones (desde la 11.1 hasta la 17.10.7), la 17.11 hasta la 17.11.3 y la 18.0 hasta la 18.0.1. Una validación XPath incorrecta permite que una respuesta SAML modificada omita el requisito de 2FA en condiciones especiales.

22 May 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-22 15:16

Updated : 2025-08-08 18:37

NVD link : CVE-2024-12093

Mitre link : CVE-2024-12093

CVE.ORG link : CVE-2024-12093

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-1288

Improper Validation of Consistency within Input

{"id": "CVE-2024-12093", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.8, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.6}]}, "published": "2025-05-22T15:16:03.580", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/507445", "tags": ["Exploit", "Issue Tracking"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/2851261", "tags": ["Permissions Required"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-1288"}]}], "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions."}, {"lang": "es", "value": "Se ha detectado un problema en GitLab CE/EE que afecta a todas las versiones (desde la 11.1 hasta la 17.10.7), la 17.11 hasta la 17.11.3 y la 18.0 hasta la 18.0.1. Una validaci\u00f3n XPath incorrecta permite que una respuesta SAML modificada omita el requisito de 2FA en condiciones especiales."}], "lastModified": "2025-08-08T18:37:36.560", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "324A7EFC-5A8A-4BE6-BB02-E081AB4C0C35", "versionEndExcluding": "17.10.7", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "0EC8F73E-AB7C-4129-B262-72E484D52F4B", "versionEndExcluding": "17.10.7", "versionStartIncluding": "11.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "194F7832-AEB6-4CD4-8CA8-81D8BF1666C9", "versionEndExcluding": "17.11.3", "versionStartIncluding": "17.11.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "85308EBB-8AB6-4344-9944-D124878DA138", "versionEndExcluding": "17.11.3", "versionStartIncluding": "17.11.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:community:*:*:*", "vulnerable": true, "matchCriteriaId": "C7F28C32-4C21-4EE4-985C-34BD8C9FE300"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:18.0.0:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "52187A72-1412-48DE-90DD-2948630CFC19"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}