Platform
gitlab
Component
gitlab
Fixed in
18.8.9
18.9.5
18.10.3
CVE-2026-5173 is an improper access control vulnerability in GitLab CE/EE. It allows an authenticated user to invoke server-side methods over WebSocket connections that their role should not be able to reach. Affected versions are GitLab CE/EE from 16.9.6 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3; fixes are available in 18.8.9, 18.9.5 and 18.10.3. A malicious actor with a valid account could exploit this flaw to perform unauthorized actions within GitLab, compromising data integrity and confidentiality. The vulnerability is rated 8.5 (High) on the CVSS scale. Applying the security update is the primary mitigation.
The vulnerability is exploited through WebSocket connections, a bidirectional protocol that lets the browser and server exchange messages in real time without a new HTTP request for each one. An authenticated user can craft WebSocket messages that invoke server methods the application would not normally expose to them. The impact depends on the user's permissions and on what the reachable methods do; depending on those methods, successful exploitation could result in data modification, arbitrary code execution, or unauthorized access to confidential information. Because a valid account is required, the exposure is to malicious insiders and to accounts compromised by other means.
Exploit Status
EPSS
0.02% (6th percentile)
CISA SSVC
CVSS-vector
The solution for CVE-2026-5173 is to upgrade to GitLab 18.10.3 or later, 18.9.5 or later, or 18.8.9 or later, whichever fixed release matches the line you run. GitLab has released these updates to address the access control flaw; consult the release notes for those versions for further details. GitLab administrators are strongly encouraged to apply these updates as soon as possible to protect their instances from potential attacks. Additionally, review GitLab's access policies and permissions so that users only have access to the resources they require, and monitor GitLab logs for unusual activity that may indicate an exploitation attempt.
Affected versions are GitLab CE/EE from 16.9.6 before 18.8.9 (this range includes every 17.x release), 18.9 before 18.9.5, and 18.10 before 18.10.3.
Check your GitLab instance's version (shown on the /help page and in the Admin area for a signed-in user, or returned by GET /api/v4/version with an authenticated token) and compare it with the affected ranges above. You can also consult GitLab's release notes for 18.8.9, 18.9.5 and 18.10.3 for information about this vulnerability.
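The following is an added example, not code from the original page or from GitLab, that encodes the three affected ranges listed above and checks a version string against them. It assumes the ranges exactly as stated on this page, accepts the `MAJOR.MINOR.PATCH-ee`/`-ce` form GitLab reports, and parses the `{"version": ...}` JSON shape returned by GET /api/v4/version; the sample response is constructed.

```python
"""Check a GitLab version against the CVE-2026-5173 affected ranges (added example)."""
import json
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges as listed in this advisory: [first affected, first fixed) per range.
# The first range spans every release from 16.9.6 up to but excluding 18.8.9.
AFFECTED_RANGES: Tuple[Tuple[Version, Version], ...] = (
    ((16, 9, 6), (18, 8, 9)),
    ((18, 9, 0), (18, 9, 5)),
    ((18, 10, 0), (18, 10, 3)),
)

# GitLab reports versions like "18.9.4-ee" or "18.9.4"; only MAJOR.MINOR.PATCH matters here.
_VERSION_RE = re.compile(r"^\s*(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Version:
    """Extract (major, minor, patch) from a GitLab version string, ignoring any -ee/-ce suffix."""
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised GitLab version string: {text!r}")
    major, minor, patch = (int(p) for p in m.groups())
    return (major, minor, patch)


def is_affected(version_text: str) -> Tuple[bool, Optional[str]]:
    """Return (True, first fixed release of the matching range) or (False, None)."""
    v = parse_version(version_text)
    for first_affected, first_fixed in AFFECTED_RANGES:
        # Tuple comparison orders by major, then minor, then patch.
        if first_affected <= v < first_fixed:
            return True, ".".join(str(n) for n in first_fixed)
    return False, None


def check_api_response(body: str) -> Tuple[str, bool, Optional[str]]:
    """Evaluate the JSON body returned by GET /api/v4/version (the call needs an authenticated token)."""
    version_text = json.loads(body)["version"]
    affected, fixed = is_affected(version_text)
    return version_text, affected, fixed


# Constructed sample response; a real instance returns its own version and revision.
SAMPLE_API_RESPONSE = '{"version": "18.9.4-ee", "revision": "0123abcd"}'

if __name__ == "__main__":
    version_text, affected, fixed = check_api_response(SAMPLE_API_RESPONSE)
    if affected:
        print(f"{version_text}: AFFECTED by CVE-2026-5173, upgrade to {fixed} or later")
    else:
        print(f"{version_text}: not in an affected range")
```

The version API requires a personal access token sent in the `PRIVATE-TOKEN` header; on Omnibus installations `sudo gitlab-rake gitlab:env:info` prints the same version string and can be fed to `is_affected` directly. Note that the first range deliberately catches every 17.x release, for which the advisory's fix target is 18.8.9.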
If you cannot update immediately, consider temporary mitigations such as restricting WebSocket connections at the reverse proxy, or at least monitoring GitLab logs for unusual activity. Note that GitLab's real-time features (such as ActionCable-backed updates served under /-/cable) run over WebSocket, so blocking the endpoint degrades the UI and only reduces exposure until the upgrade is applied; it does not remove the flaw.
Some vulnerability scanning tools may detect this vulnerability. Consult your scanning tool's documentation for more information.
You can find more information about this vulnerability in the GitLab security advisory: [Link to GitLab security advisory]