CVE-2019-6793

HIGH NUCLEI

Gitlab < 11.5.8 - SSRF

Title source: rule

Description

An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1. The Jira integration feature is vulnerable to an unauthenticated blind SSRF issue.

Nuclei Templates (1)

GitLab Enterprise Edition - Server-Side Request Forgery

HIGHby ritikchaddha

Shodan: html:"GitLab Enterprise Edition"

FOFA: body="GitLab Enterprise Edition"

References (2)

[Release Notes, Vendor Advisory] https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/

[Exploit, Issue Tracking, Third Party Advisory] https://gitlab.com/gitlab-org/gitlab-ce/issues/50748

Scores

CVSS v3 7.0

EPSS 0.0529

EPSS Percentile 90.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Details

CWE

CWE-918

Status published

Products (1)

gitlab/gitlab 10.0.0 - 11.5.8

Published Sep 09, 2019

Tracked Since Feb 18, 2026