CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks

Ongoing intrusions targeting GitLab instances impacted by the maximum severity account takeover vulnerability, tracked as CVE-2023-7028, have prompted the flaw's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerabilities catalog, with federal agencies urged to remediate the security issue by May 22, reports BleepingComputer.

account account takeover agency attacks bleepingcomputer catalog cisa cve cybersecurity devsecops exploited exploited vulnerabilities federal federal agencies flaw gitlab inclusion infrastructure infrastructure security issue known exploited known exploited vulnerabilities known exploited vulnerabilities catalog may network security remediation reports security severity takeover targeting third-party-code vulnerabilities vulnerability