In all versions of GitLab CE/EE since version 11.0, the requirement to enforce 2FA is not honored when using git commands.
2021-10-04T17:15:08.027
2024-11-21T06:20:26.537
Modified
CVSSv3.1: 4.3 (MEDIUM)
AV:N/AC:L/Au:S/C:N/I:P/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | gitlab | gitlab | < 14.1.7 | Yes |
| Application | gitlab | gitlab | < 14.1.7 | Yes |
| Application | gitlab | gitlab | < 14.2.5 | Yes |
| Application | gitlab | gitlab | < 14.2.5 | Yes |
| Application | gitlab | gitlab | < 14.3.1 | Yes |
| Application | gitlab | gitlab | < 14.3.1 | Yes |