CVE-2024-1250: 
GitLab vulnerability analysis and mitigation

An issue has been discovered in GitLab Enterprise Edition (EE) affecting all versions starting from 16.8 before 16.8.2. The vulnerability allows users assigned a custom role with manage_group_access_tokens permission to potentially create group access tokens with Owner privileges, leading to privilege escalation (GitLab Security, NVD).

The vulnerability is classified as medium severity with a CVSS v3.1 base score of 6.5 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N). The issue specifically occurs when a user with a custom role based on Guest privileges and the manage_group_access_tokens permission can create Owner-level Group Access Tokens (GAT) through both the UI and REST API interfaces (GitLab Security).

When exploited, this vulnerability allows privilege escalation where a low-privileged user can elevate their permissions to Owner level by creating and utilizing Group Access Tokens with Owner privileges. This enables unauthorized access to higher-level permissions and resources within the GitLab instance (GitLab Issue).

The vulnerability has been fixed in GitLab version 16.8.2. Organizations are strongly recommended to upgrade to this version immediately. The fix implements restrictions where users with custom roles can only create Group Access Tokens with access levels less than or equal to their own access level, up to a maximum of Maintainer (GitLab Security).