
Cloud Vulnerability DB
A community-led vulnerabilities database
A vulnerability was discovered in GitLab CE/EE affecting all versions before 15.7.8, all versions starting from 15.8 before 15.8.4, and all versions starting from 15.9 before 15.9.2. The vulnerability allowed a malicious project Maintainer to create a Project Access Token with Owner level privileges using a crafted request (GitLab Security Release).
The vulnerability stems from improper access control validation in the Project Access Token creation functionality. A project Maintainer could exploit this by manipulating the access level parameter in the token creation request to obtain Owner-level privileges. The vulnerability has been assigned a CVSS score of 2.7 (Low severity) with the vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N (GitLab Security Release).
When exploited, this vulnerability allowed a project Maintainer to elevate their privileges to Owner level through a crafted Project Access Token. This could enable the attacker to perform unauthorized administrative actions within the project scope that should only be available to project Owners (GitLab Security Release).
GitLab has addressed this vulnerability in versions 15.7.8, 15.8.4, and 15.9.2. Users are strongly advised to upgrade to these or later versions to mitigate the vulnerability. The fix prevents Maintainers from creating Project Access Tokens with privileges higher than their own access level (GitLab Security Release).
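The check the fix describes, written here as an added illustration rather than GitLab's own code: a simplified model in which a client-supplied access level is only validated against the list of known levels (the flawed pattern), next to a version that also caps it at the creator's own level. The access-level integers are GitLab's documented values; the request struct, function names and the rule that only Maintainers and above may create tokens are assumptions of this example.

```ruby
# Added illustration, not GitLab's code. Access-level integers follow GitLab's
# documented values (Guest 10, Reporter 20, Developer 30, Maintainer 40, Owner 50).
ACCESS_LEVELS = { guest: 10, reporter: 20, developer: 30, maintainer: 40, owner: 50 }.freeze

# Hypothetical request object: access_level arrives straight from the client.
TokenRequest = Struct.new(:name, :access_level, :scopes, keyword_init: true)

class TokenCreationError < StandardError; end

# Flawed pattern: accepts any known access level without comparing it to the
# requester's own level, so a Maintainer (40) can ask for 50 and get an Owner token.
def create_token_unchecked(request, _requester_level)
  unless ACCESS_LEVELS.value?(request.access_level)
    raise TokenCreationError, "unknown access level #{request.access_level}"
  end
  { name: request.name, access_level: request.access_level, scopes: request.scopes }
end

# Hardened pattern: the token can never carry more privilege than its creator
# holds, and (assumed rule) only Maintainers or Owners may create tokens at all.
def create_token_checked(request, requester_level)
  unless ACCESS_LEVELS.value?(request.access_level)
    raise TokenCreationError, "unknown access level #{request.access_level}"
  end
  if requester_level < ACCESS_LEVELS[:maintainer]
    raise TokenCreationError, "only Maintainers and Owners may create project access tokens"
  end
  if request.access_level > requester_level
    raise TokenCreationError,
          "requested level #{request.access_level} exceeds creator's level #{requester_level}"
  end
  { name: request.name, access_level: request.access_level, scopes: request.scopes }
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample: a Maintainer (40) requesting an Owner-level (50) token.
  req = TokenRequest.new(name: "ci-bot", access_level: 50, scopes: ["api"])
  puts "unchecked: #{create_token_unchecked(req, ACCESS_LEVELS[:maintainer])[:access_level]}"
  begin
    create_token_checked(req, ACCESS_LEVELS[:maintainer])
  rescue TokenCreationError => e
    puts "checked: rejected (#{e.message})"
  end
end
```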
The vulnerability was responsibly disclosed through GitLab's HackerOne bug bounty program by security researcher @shubham_sohi (GitLab Security Release).
Source: This report was generated using AI