User Impersonation and Authentication Bypass in GitLab

User Impersonation and Authentication Bypass in GitLab

CVE-2013-4580 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

GitLab before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1, when using a MySQL backend, allows remote attackers to impersonate arbitrary users and bypass authentication via unspecified API calls.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.