CVE-2024-4994 - Vulnerability Details - OpenCVE

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Gitlab	Gitlab

No data.

No data.

References

Link	Providers
https://gitlab.com/gitlab-org/gitlab/-/issues/462012
https://hackerone.com/reports/2473644

History

Fri, 20 Jun 2025 18:30:00 +0000

Type	Values Removed	Values Added
Description		An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations.
Title		Cross-Site Request Forgery (CSRF) in GitLab
First Time appeared		Gitlab Gitlab gitlab
Weaknesses		CWE-352
CPEs		cpe:2.3:a:gitlab:gitlab::::::::
Vendors & Products		Gitlab Gitlab gitlab
References		https://gitlab.com/gitlab-org/gitlab/-/issues/462012 https://hackerone.com/reports/2473644
Metrics		cvssV3_1 `{'score': 8.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N'}`

MITRE

Status: PUBLISHED

Assigner: GitLab

Published: 2025-06-20T18:14:37.887Z

Updated: 2025-06-23T15:22:37.297Z

Reserved: 2024-05-16T10:30:52.440Z

Link: CVE-2024-4994

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-06-20T19:15:35.460

Modified: 2025-06-20T19:15:35.460

Link: CVE-2024-4994

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-4994", "assignerOrgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "state": "PUBLISHED", "assignerShortName": "GitLab", "dateReserved": "2024-05-16T10:30:52.440Z", "datePublished": "2025-06-20T18:14:37.887Z", "dateUpdated": "2025-06-23T15:22:37.297Z"}, "containers": {"cna": {"title": "Cross-Site Request Forgery (CSRF) in GitLab", "descriptions": [{"lang": "en", "value": "An issue has been discovered in GitLab CE/EE affecting all versions from 16.1.0 before 16.11.5, all versions starting from 17.0 before 17.0.3, all versions starting from 17.1.0 before 17.1.1 which allowed for a CSRF attack on GitLab's GraphQL API leading to the execution of arbitrary GraphQL mutations."}], "affected": [{"vendor": "GitLab", "product": "GitLab", "repo": "git://[email protected]:gitlab-org/gitlab.git", "cpes": ["cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"], "versions": [{"version": "16.1", "status": "affected", "lessThan": "16.11.5", "versionType": "semver"}, {"version": "17.0.0", "status": "affected", "lessThan": "17.0.3", "versionType": "semver"}, {"version": "17.1.0", "status": "affected", "lessThan": "17.1.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-352: Cross-Site Request Forgery (CSRF)", "cweId": "CWE-352", "type": "CWE"}]}], "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/462012", "name": "GitLab Issue #462012", "tags": ["issue-tracking", "permissions-required"]}, {"url": "https://hackerone.com/reports/2473644", "name": "HackerOne Bug Bounty Report #2473644", "tags": ["technical-description", "exploit", "permissions-required"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "REQUIRED", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH"}}], "solutions": [{"lang": "en", "value": "Upgrade to versions 16.11.5, 17.0.3, 17.1.1 or above."}], "credits": [{"lang": "en", "value": "Thanks [ahacker1](https://hackerone.com/ahacker1) for reporting this vulnerability through our HackerOne bug bounty program", "type": "finder"}], "providerMetadata": {"orgId": "ceab7361-8a18-47b1-92ba-4d7d25f6715a", "shortName": "GitLab", "dateUpdated": "2025-06-20T18:14:37.887Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-23T15:22:30.992339Z", "id": "CVE-2024-4994", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T15:22:37.297Z"}}]}}