Over 5,300 GitLab servers exposed to zero-click account takeover attacks
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.
cpe:2.3:a:juniper:jweb:*:*:*:*:*:*:*:*
. * As emphasized last year in CISA’s BOD 23-02 guidance, exposed network management interfaces continue to pose a significant risk. Restrict access to these interfaces from the public internet wherever possible.