Unrated severityNVD Advisory· Published Dec 18, 2019· Updated Aug 4, 2024

CVE-2019-5486

Description

A authentication bypass vulnerability exists in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.10 in the Salesforce login integration that could be used by an attacker to create an account that bypassed domain restrictions and email verification requirements.

Affected products

GitLab/GitLab CE/EEdescription
GitLab Inc./CE/EEllm-fuzzy
Range: <v12.3.2
osv-coords4 versions
pkg:apk/chainguard/gitlab-operator pkg:apk/chainguard/gitlab-operator-charts pkg:apk/chainguard/gitlab-operator-compat pkg:apk/chainguard/gitlab-operator-fips
< 0+ 3 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

hackerone.com/reports/617896mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000