CVE-2019-15585

Vendor: GitLab
Product: GitLab CE/EE
Weakness: CWE-287 · Improper authentication
Published: January 28, 2020
Last update: August 5, 2024

What the vulnerability does

01 Description

Improper authentication exists in GitLab Community Edition (CE) and Enterprise Edition (EE) versions < 12.3.2, < 12.2.6, and < 12.1.12: the GitLab SAML integration had a validation issue that permitted an attacker to take over another user's account.

Key dates

02 Disclosure timeline

January 28, 2020: CVE published
August 5, 2024: Record updated