CVE-2025-2498

An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassing IP restrictions.

CVSS v3 3.1 LOW

3.1^/10

CVSS v3 : LOW

Vector :

Exploitability : 1.6 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://gitlab.com/gitlab-org/gitlab/-/issues/525515	Broken Link
https://hackerone.com/reports/3037722	Permissions Required

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
	cpe:2.3:a:gitlab:gitlab:::::enterprise:::*

History

15 Aug 2025, 16:25

Type	Values Removed	Values Added
CPE		cpe:2.3:a:gitlab:gitlab:::::enterprise:::*
First Time		Gitlab gitlab Gitlab
References	~~() https://gitlab.com/gitlab-org/gitlab/-/issues/525515 -~~	() https://gitlab.com/gitlab-org/gitlab/-/issues/525515 - Broken Link
References	~~() https://hackerone.com/reports/3037722 -~~	() https://hackerone.com/reports/3037722 - Permissions Required

14 Aug 2025, 13:12

Type	Values Removed	Values Added
Summary		(es) Un control de acceso inadecuado en Gitlab EE que afecta a todas las versiones desde la 12.0 anterior a la 18.0.6, la 18.1 anterior a la 18.1.4 y la 18.2 anterior a la 18.2.2 que, bajo ciertas condiciones, podría haber permitido a los usuarios ver problemas asignados de grupos restringidos eludiendo las restricciones de IP.

13 Aug 2025, 18:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-13 18:15

Updated : 2025-08-15 16:25

NVD link : CVE-2025-2498

Mitre link : CVE-2025-2498

CVE.ORG link : CVE-2025-2498

JSON object : View

Products Affected

gitlab

gitlab

CWE

CWE-1220

Insufficient Granularity of Access Control

{"id": "CVE-2025-2498", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@gitlab.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 3.1, "attackVector": "NETWORK", "baseSeverity": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 1.6}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 2.8}]}, "published": "2025-08-13T18:15:30.657", "references": [{"url": "https://gitlab.com/gitlab-org/gitlab/-/issues/525515", "tags": ["Broken Link"], "source": "cve@gitlab.com"}, {"url": "https://hackerone.com/reports/3037722", "tags": ["Permissions Required"], "source": "cve@gitlab.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve@gitlab.com", "description": [{"lang": "en", "value": "CWE-1220"}]}], "descriptions": [{"lang": "en", "value": "An improper access control in Gitlab EE affecting all versions from 12.0 prior to 18.0.6, 18.1 prior to 18.1.4, and 18.2 prior to 18.2.2 that under certain conditions could have allowed users to view assigned issues from restricted groups by bypassing IP restrictions."}, {"lang": "es", "value": "Un control de acceso inadecuado en Gitlab EE que afecta a todas las versiones desde la 12.0 anterior a la 18.0.6, la 18.1 anterior a la 18.1.4 y la 18.2 anterior a la 18.2.2 que, bajo ciertas condiciones, podr\u00eda haber permitido a los usuarios ver problemas asignados de grupos restringidos eludiendo las restricciones de IP."}], "lastModified": "2025-08-15T16:25:17.323", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "90380151-3766-4585-9C6C-7EE4D236A04F", "versionEndExcluding": "18.0.6", "versionStartIncluding": "12.0.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "A8A01B2F-02DE-4743-939A-F9170497ACB6", "versionEndExcluding": "18.1.4", "versionStartIncluding": "18.1.0"}, {"criteria": "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*", "vulnerable": true, "matchCriteriaId": "CAFE4523-C681-44E4-A5E1-312D520EEBEE", "versionEndExcluding": "18.2.2", "versionStartIncluding": "18.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@gitlab.com"}