H3-2022-0078
Unauthenticated Gitlab User Enumeration
| Field | Value |
| --- | --- |
| Category | SECURITY_MISCONFIGURATION |
| Base Score | 5.0 |
Description
The GitLab application allows unauthenticated user enumeration due to a misconfiguration in its public access settings. GitLab is a web-based DevOps lifecycle tool that provides a Git repository manager with wiki, issue-tracking, and CI/CD pipeline features. An attacker can exploit this misconfiguration by accessing certain endpoints that return a list of users and other potentially sensitive information without requiring authentication.
Impact
Exploiting this misconfiguration can enable an attacker to compile a list of valid users, facilitating further malicious actions such as targeted phishing attacks or credential brute-forcing.
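The following is an added audit helper, not part of the original advisory or of GitLab's own code. It assumes the JSON shape returned by GitLab's admin API (`GET /api/v4/application/settings`), whose `restricted_visibility_levels` field lists the visibility levels disabled instance-wide; restricting `public` there makes user profiles visible only to logged-in users, which is the public-access setting this misconfiguration concerns. The sample settings documents are constructed.

```python
"""Audit GitLab application settings for anonymous user-profile exposure."""
import json
import urllib.request

PUBLIC = "public"


def fetch_settings(base_url: str, admin_token: str) -> dict:
    """Fetch live settings (requires an administrator personal access token)."""
    url = f"{base_url.rstrip('/')}/api/v4/application/settings"
    req = urllib.request.Request(url, headers={"PRIVATE-TOKEN": admin_token})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def audit_settings(settings: dict) -> list:
    """Return findings as strings; an empty list means the check passes."""
    findings = []
    restricted = set(settings.get("restricted_visibility_levels") or [])
    if PUBLIC not in restricted:
        findings.append(
            "restricted_visibility_levels does not include 'public': "
            "user profiles are viewable without logging in"
        )
    return findings


def remediation_payload(settings: dict) -> dict:
    """Body for PUT /api/v4/application/settings that restricts 'public'
    while preserving any visibility levels already restricted."""
    restricted = list(settings.get("restricted_visibility_levels") or [])
    if PUBLIC not in restricted:
        restricted.append(PUBLIC)
    return {"restricted_visibility_levels": restricted}


# Constructed sample responses (not output from a real instance).
WEAK_SETTINGS = json.loads('{"restricted_visibility_levels": [], "signup_enabled": true}')
HARDENED_SETTINGS = json.loads('{"restricted_visibility_levels": ["public"]}')

if __name__ == "__main__":
    for name, s in (("weak", WEAK_SETTINGS), ("hardened", HARDENED_SETTINGS)):
        findings = audit_settings(s)
        print(f"{name}: {'OK' if not findings else '; '.join(findings)}")
        if findings:
            print("  remediation body:", json.dumps(remediation_payload(s)))
```

To check a live instance, replace the sample documents with `fetch_settings("https://gitlab.example.com", token)` run by an administrator.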