cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Contributor III

More Than 5,000 GitLab Instances Still Vulnerable to Password Reset Issue

Dear all,

 

A critical vulnerability in GitLab disclosed earlier this month allows account takeovers without user interaction. GitLab released Critical Security Release: 16.7.2, 16.6.4, 16.5.6 for GitLab Community Edition (CE) and Enterprise Edition (EE) to address the vulnerability and four others. As of Tuesday, January 23, more than 5,300 GitLab instances remain unpatched, according to data from the Shadowserver Foundation.

 

https://www.bleepingcomputer.com/news/security/over-5-300-gitlab-servers-exposed-to-zero-click-accou...

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSM | CISSP | PMP
2 Replies
Early_Adopter
Community Champion

You know I think this isn’t lazy to patch, it’s just a bunch of really smart administrators outsourcing the awful chore of password management…
Kyaw_Myo_Oo
Contributor III

@Early_Adopter Thank you for contributing your thoughts.

 

 

Kyaw Myo Oo
Manager , CB BANK PCL
CCIE #58769 | PCNSE | CCSM | CISSP | PMP