Gitlab vulnerability allows session theft

Anonim

Another vulnerability has surfaced on the Internet, and today it is GitLab's turn. Security researchers have found a flaw that allows attackers to hijack users' active sessions. Imperva is the company that discovered the flaw and traced its origin.

Vulnerability in GitLab allows session theft

As they report, the problem lies in the token used to identify users' sessions: the session ID is too short. That makes a brute-force attack practical, so the ID corresponding to a user's session can be found very quickly.

GitLab vulnerability

The problem is that, in GitLab's case, this token is not invalidated, which is what happens in most other cases. If someone manages to identify a user's token, they could carry out all kinds of actions with that user's account: besides reading the user's information, they could modify it or make unwanted purchases with it.

Brute force has been described as one of the ways attackers could obtain this token in GitLab, but there are others. Another is a Man-in-the-Middle attack, since the tokens do not expire. A code injection into the database could also be used, although that type of attack requires a security flaw on the servers, and that does not seem to be the case this time.
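The two weaknesses the article describes are a session identifier with too little entropy and a token that is never expired or invalidated. The following added example, which is not GitLab's code nor Imperva's analysis, shows the defensive side of both points: a session store that issues 256-bit random tokens, keeps only their hash server-side, enforces absolute and idle lifetimes, and rotates or revokes tokens, plus a small helper that shows why token length matters by estimating the expected time of an online guessing attack. The lifetime values and the SHA-256 keyed table are assumptions chosen for the example, not settings taken from the page.

```python
import hashlib
import math
import secrets
import time

# Assumed policy values for this example (not from the article).
TOKEN_BYTES = 32          # 32 random bytes = 256 bits of entropy
SESSION_TTL = 8 * 3600    # absolute session lifetime in seconds
IDLE_TIMEOUT = 30 * 60    # idle timeout in seconds


def expected_bruteforce_seconds(entropy_bits: float, guesses_per_second: float,
                                live_sessions: int = 1) -> float:
    """Expected time for an online guessing attack to hit one of `live_sessions`
    valid tokens drawn uniformly from a 2**entropy_bits space.  On average the
    attacker succeeds after half the space, divided by the number of live targets.
    This is the quantity that a short session ID makes dangerously small."""
    space = 2.0 ** entropy_bits
    return (space / 2.0) / (guesses_per_second * live_sessions)


def _digest(token: str) -> str:
    # Store only a hash of the bearer token so a leaked copy of the session
    # table does not directly yield usable sessions.
    return hashlib.sha256(token.encode()).hexdigest()


class SessionStore:
    """Minimal server-side session table keyed by SHA-256(token)."""

    def __init__(self, now=time.time):
        self._now = now          # injectable clock, so expiry can be tested
        self._sessions = {}      # digest -> {"user", "created", "last_seen"}

    def create(self, user_id: str) -> str:
        # CSPRNG-backed token; token_urlsafe(32) yields a 43-character string.
        token = secrets.token_urlsafe(TOKEN_BYTES)
        now = self._now()
        self._sessions[_digest(token)] = {"user": user_id, "created": now, "last_seen": now}
        return token

    def lookup(self, token: str):
        """Return the user id for a valid token, or None.  Sessions past their
        absolute TTL or idle timeout are purged on first contact."""
        d = _digest(token)
        rec = self._sessions.get(d)
        if rec is None:
            return None
        now = self._now()
        if now - rec["created"] > SESSION_TTL or now - rec["last_seen"] > IDLE_TIMEOUT:
            del self._sessions[d]
            return None
        rec["last_seen"] = now
        return rec["user"]

    def revoke(self, token: str) -> bool:
        """Invalidate a token (logout, password change).  Returns True if it existed."""
        return self._sessions.pop(_digest(token), None) is not None

    def rotate(self, token: str):
        """Issue a fresh token for the same user and invalidate the old one, which
        bounds how long a captured token stays useful.  Returns None if invalid."""
        user = self.lookup(token)
        if user is None:
            return None
        self.revoke(token)
        return self.create(user)


if __name__ == "__main__":
    # Compare a 32-bit identifier against a 256-bit one at one million guesses/s.
    for bits in (32, 256):
        secs = expected_bruteforce_seconds(bits, 1e6)
        print(f"{bits:3d}-bit token: expected ~{secs:.3g} s ({math.log10(max(secs, 1)):.1f} log10 s)")
    store = SessionStore()
    tok = store.create("alice")
    print("lookup ->", store.lookup(tok))
    print("rotated ->", store.rotate(tok) != tok, "old still valid ->", store.lookup(tok))
```

Running the script prints the expected attack time for both token sizes and walks one token through lookup and rotation. The hash-keyed table, the idle timeout and the rotation-on-demand are each a separate mitigation: the first limits the damage of a database leak, the second and third limit the window in which a guessed or intercepted token remains usable.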

The company has set to work on the problem and has added some token verification measures, but for now there is no further news. GitLab has announced changes throughout the month, so we will see what happens.
