Learn about CVE-2021-22213, a high-severity vulnerability affecting GitLab versions 7.10 to 13.12.2. Find out how the OAuth token leak can compromise system security and how to mitigate the risk.
A cross-site leak vulnerability in the OAuth flow of all versions of GitLab CE/EE since 7.10 allowed an attacker to leak an OAuth access token by getting the victim to visit a malicious page with Safari.
Understanding CVE-2021-22213
This CVE affects GitLab versions from 7.10 up to, but not including, 13.12.2 and carries a high-severity base score of 8.8.
What is CVE-2021-22213?
CVE-2021-22213 is a vulnerability in GitLab that enables unauthorized access to OAuth tokens through a cross-site leak in the OAuth flow.
The Impact of CVE-2021-22213
The vulnerability poses a high risk: an attacker who leaks a victim's OAuth access token can act with that token's permissions, compromising confidentiality, integrity, and availability.
Technical Details of CVE-2021-22213
The vulnerability affects GitLab versions >=7.10 and <13.12.2 with a high base severity score of 8.8.
Vulnerability Description
An attacker could exploit this issue to leak OAuth tokens by tricking users into visiting a malicious page via Safari.
Affected Systems and Versions
GitLab versions >=7.10 and <13.10.5, >=13.11 and <13.11.5, >=13.12 and <13.12.2 are affected by this vulnerability.
Exploitation Mechanism
The flaw is a cross-site leak in the OAuth flow: when the victim opens a malicious page in Safari, that page can learn the victim's OAuth access token, giving the attacker unauthorized access through the token.
Mitigation and Prevention
To secure your GitLab instance against CVE-2021-22213, immediate action and long-term security practices are essential.
Immediate Steps to Take
Update your GitLab instance to versions 13.10.5, 13.11.5, or 13.12.2 to patch the vulnerability and prevent unauthorized access to OAuth tokens.
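The affected ranges above and the fixed releases listed here are easy to misread by hand (13.10.6, for example, is not affected even though it is below 13.12.2). The following Python is an added example, not code from this page or from GitLab, that encodes the advisory's three ranges and checks an inventory of instances against them. It assumes version strings in the form GitLab itself reports, such as "13.12.1-ee"; the instance names and versions in the sample inventory are constructed.

```python
import re
from typing import Dict, List, Optional, Tuple

# Affected ranges as published in the advisory: (inclusive lower bound,
# exclusive upper bound) for each affected line.
AFFECTED_RANGES: List[Tuple[str, str]] = [
    ("7.10", "13.10.5"),
    ("13.11", "13.11.5"),
    ("13.12", "13.12.2"),
]

# Releases the advisory names as containing the fix.
FIXED_VERSIONS: List[str] = ["13.10.5", "13.11.5", "13.12.2"]

# Leading "major.minor.patch"; anything after (e.g. "-ee", "-ce") is ignored.
_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?")


def parse_version(text: str) -> Tuple[int, int, int]:
    """Convert a GitLab version string into a comparable (major, minor, patch) tuple.

    Missing components default to zero, so "7.10" compares equal to "7.10.0",
    and an edition suffix such as "-ee" is dropped.
    """
    match = _VERSION_RE.match(text.strip())
    if not match:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(g) if g is not None else 0 for g in match.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True if the version falls inside any of the advisory's affected ranges."""
    v = parse_version(version)
    return any(parse_version(lo) <= v < parse_version(hi) for lo, hi in AFFECTED_RANGES)


def recommended_fix(version: str) -> Optional[str]:
    """Lowest fixed release newer than the running version, or None if not affected.

    An instance on an older line (e.g. 12.x) has no patched release on its own
    line, so the earliest fixed release overall (13.10.5) is suggested.
    """
    if not is_affected(version):
        return None
    v = parse_version(version)
    candidates = sorted(FIXED_VERSIONS, key=parse_version)
    for fixed in candidates:
        if parse_version(fixed) > v:
            return fixed
    return None  # unreachable: every affected version is below 13.12.2


def audit(inventory: Dict[str, str]) -> Dict[str, Optional[str]]:
    """Map each instance name to the fix it needs, or None if it is already safe."""
    return {name: recommended_fix(version) for name, version in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not data from any real deployment.
    sample = {
        "gitlab-legacy": "12.10.14-ee",   # old line: needs 13.10.5
        "gitlab-build": "13.10.6-ee",     # above 13.10.5, below 13.11: not affected
        "gitlab-main": "13.12.1-ee",      # affected: needs 13.12.2
        "gitlab-new": "14.0.0-ce",        # after all affected ranges
    }
    for name, fix in audit(sample).items():
        status = f"upgrade to {fix}" if fix else "not affected"
        print(f"{name:14s} {sample[name]:14s} {status}")
```

The gap between 13.10.5 and 13.11 is handled by the range list rather than by a single "< 13.12.2" comparison, which is where a hand-rolled check usually goes wrong.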
Long-Term Security Practices
Regularly monitor security advisories from GitLab and apply patches promptly to mitigate future security risks.
Patching and Updates
Stay informed about GitLab security updates and implement a robust patch management strategy to protect your system from known vulnerabilities.