
CVE-2023-5612: CWE-862: Missing Authorization in GitLab GitLab

Severity: Medium
Tags: Vulnerability, CVE-2023-5612, CVE, CWE-862
Published: Fri Jan 26 2024 (01/26/2024, 02:02:39 UTC)
Source: CVE
Vendor/Project: GitLab
Product: GitLab

Description

An issue has been discovered in GitLab affecting all versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. It was possible to read the user email address via tags feed although the visibility in the user profile has been disabled.

AI-Powered Analysis

Last updated: 07/07/2025, 11:57:03 UTC

Technical Analysis

CVE-2023-5612 is a medium-severity vulnerability affecting GitLab versions prior to 16.6.6, 16.7 before 16.7.4, and 16.8 before 16.8.1. The vulnerability is classified under CWE-862, which refers to missing authorization. Specifically, this flaw allows unauthorized users to read the email addresses of GitLab users via the tags feed feature, even when the user profile visibility settings have been configured to hide email addresses. This indicates an authorization bypass where access controls intended to protect user email information are not properly enforced in the tags feed endpoint. The vulnerability has a CVSS 3.1 base score of 5.3, reflecting a medium severity level. The vector indicates that the attack can be performed remotely over the network (AV:N), requires no privileges (PR:N), and no user interaction (UI:N), making it relatively easy to exploit. However, the impact is limited to confidentiality loss of user email addresses, with no impact on integrity or availability. There are no known exploits in the wild at the time of publication, and no official patch links were provided in the data, though GitLab has released fixed versions. This vulnerability could be leveraged by attackers to harvest email addresses for phishing campaigns or social engineering attacks, potentially increasing the risk of targeted attacks on GitLab users or organizations using GitLab.

Potential Impact

For European organizations using GitLab, this vulnerability poses a privacy and confidentiality risk. Exposure of user email addresses can facilitate spear-phishing, social engineering, and targeted attacks against employees or contractors. This is particularly concerning for organizations subject to strict data protection regulations such as GDPR, where unauthorized disclosure of personal data (including email addresses) can lead to regulatory penalties and reputational damage. While the vulnerability does not allow modification or disruption of services, the leakage of email addresses can serve as a stepping stone for more sophisticated attacks. Organizations with large development teams or those using GitLab for critical projects may face increased risk. Additionally, the breach of user privacy could undermine trust in internal collaboration platforms. Given the ease of exploitation without authentication or user interaction, attackers could automate the collection of email addresses at scale.

Mitigation Recommendations

European organizations should promptly upgrade GitLab to a fixed release: 16.6.6, 16.7.4, or 16.8.1, or any later version in the respective series. Until patching is complete, organizations can mitigate risk by restricting access to the GitLab instance to trusted networks or VPNs, reducing exposure to unauthorized users. Review and tighten access controls and visibility settings for user profiles and tags feeds. Monitor logs for unusual access patterns to the tags feed endpoint that could indicate reconnaissance activity. Implement email filtering and user awareness training to reduce the impact of phishing attacks that leverage harvested email addresses. Consider deploying Web Application Firewalls (WAFs) with rules to detect and block suspicious requests targeting the tags feed. Finally, maintain an inventory of GitLab users and regularly audit permissions to ensure minimal exposure of sensitive information.
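The recommendation to monitor logs for unusual access to the tags feed is easier to act on with concrete detection logic. The added example below is not part of the original record or of GitLab itself: it reads JSON request-log lines, keeps only requests that served a project's tags feed as Atom, and flags any source IP that pulled feeds from several distinct projects within a short window, which is the pattern bulk address harvesting would leave. The sample log lines are constructed for the example and only loosely modelled on GitLab's JSON production log; the field names (`time`, `path`, `format`, `remote_ip`, `username`) and the `/<group>/<project>/-/tags` path with `format` of `atom` are assumptions to be checked against the log format and routes of the instance being monitored.

```python
import json
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed route shape for a project's tags feed (verify against your instance).
TAGS_FEED_PATH = re.compile(r"^/(?P<project>[^/]+/[^/]+)/-/tags$")

# Constructed sample lines (not real log data). One source pulls feeds from
# four projects in nine seconds; a logged-in developer views one tags page and
# later fetches a single feed, which should not be flagged.
SAMPLE_LOG = """
{"time":"2024-01-26T02:00:00Z","method":"GET","path":"/acme/web/-/tags","format":"atom","status":200,"remote_ip":"203.0.113.7","username":null}
{"time":"2024-01-26T02:00:02Z","method":"GET","path":"/acme/api/-/tags","format":"atom","status":200,"remote_ip":"203.0.113.7","username":null}
{"time":"2024-01-26T02:00:05Z","method":"GET","path":"/acme/infra/-/tags","format":"atom","status":200,"remote_ip":"203.0.113.7","username":null}
{"time":"2024-01-26T02:00:09Z","method":"GET","path":"/acme/docs/-/tags","format":"atom","status":200,"remote_ip":"203.0.113.7","username":null}
{"time":"2024-01-26T02:01:00Z","method":"GET","path":"/acme/web/-/tags","format":"html","status":200,"remote_ip":"198.51.100.2","username":"dev1"}
{"time":"2024-01-26T02:30:00Z","method":"GET","path":"/acme/web/-/tags","format":"atom","status":200,"remote_ip":"198.51.100.2","username":"dev1"}
""".strip().splitlines()


def tags_feed_hits(lines):
    """Yield (remote_ip, project, timestamp) for each request that served a tags feed as Atom."""
    for line in lines:
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed lines rather than abort the whole scan
        match = TAGS_FEED_PATH.match(rec.get("path", ""))
        if not match or rec.get("format") != "atom":
            continue
        # Assumed ISO-8601 UTC timestamps with a trailing 'Z'.
        ts = datetime.fromisoformat(rec["time"].replace("Z", "+00:00"))
        yield rec["remote_ip"], match.group("project"), ts


def find_feed_enumerators(lines, window=timedelta(minutes=5), min_projects=3):
    """Return {remote_ip: [projects]} for sources that fetched tags feeds from
    at least `min_projects` distinct projects inside any `window`-long span.

    A sliding window over each source's sorted hits keeps the check linear in
    the number of hits; every window that crosses the threshold contributes its
    projects to the report so the analyst sees the full set that was touched.
    """
    hits_by_ip = defaultdict(list)
    for ip, project, ts in tags_feed_hits(lines):
        hits_by_ip[ip].append((ts, project))

    flagged = {}
    for ip, hits in hits_by_ip.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            projects = {project for _, project in hits[start:end + 1]}
            if len(projects) >= min_projects:
                flagged.setdefault(ip, set()).update(projects)
    return {ip: sorted(projects) for ip, projects in flagged.items()}


if __name__ == "__main__":
    for ip, projects in find_feed_enumerators(SAMPLE_LOG).items():
        print(f"{ip}: tags feeds pulled from {len(projects)} projects: {', '.join(projects)}")
```

The threshold and window are deliberately conservative defaults; a single feed fetch is normal behaviour for feed readers and CI tooling, so the signal is breadth across projects, not volume alone. Once the instance is patched the same query still serves as a baseline for feed-scraping activity, and the `username` field can be used to separate anonymous fetches (the case this vulnerability concerns, since no privileges are required) from authenticated ones.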


Technical Details

Data Version: 5.1
Assigner Short Name: GitLab
Date Reserved: 2023-10-17T11:30:31.181Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682ea68a0acd01a249253fbd

Added to database: 5/22/2025, 4:22:34 AM

Last enriched: 7/7/2025, 11:57:03 AM

Last updated: 8/15/2025, 2:43:22 PM
