GitLab - Uninitialized Password Vulnerability Scanner
Gitlab < v.14 allows Uninitialized Password Vulnerability.
Short Info
Level
High
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
29 days 16 hours
Scan only one
URL
Toolbox
-
Prior to version 14, GitLab installations required a root password to be set via the web UI. If the administrator skipped this step, any visitor could set a password and control the instance.