PatchSiren cyber security CVE debrief
CVE-2016-4340 Gitlab CVE debrief
CVE-2016-4340 describes a GitLab impersonation issue in which a remote authenticated user could "log in" as another user through unspecified vectors. NVD rates the issue HIGH (CVSS 3.0 8.8) with a network attack vector, low attack complexity, and no user interaction required. The affected range in the NVD corpus spans GitLab 8.2.0 through 8.7.0. Because the issue enables account impersonation, it should be treated as a high-risk authorization break with possible confidentiality, integrity, and availability impact.
- Vendor: Gitlab
- Product: CVE-2016-4340
- CVSS: HIGH 8.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-01-23
- Original CVE updated: 2026-05-13
- Advisory published: 2017-01-23
- Advisory updated: 2026-05-13
Who should care
GitLab administrators, security teams, and application owners running any affected GitLab release from 8.2.0 through 8.7.0 should prioritize this. Teams that rely on GitLab for source control, access control, or internal collaboration should also review whether privileged or shared accounts may have been exposed to unauthorized impersonation.
Technical summary
The NVD description states that the GitLab impersonate feature allowed remote authenticated users to log in as any other user via unspecified vectors. NVD maps the weakness to CWE-264 and assigns CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating that a low-privileged authenticated attacker could potentially gain another user's identity and permissions. The corpus does not include the underlying technical root cause, so only the impersonation outcome is confirmed here.
Defensive priority
High. This is an authentication/authorization issue that can directly expose user accounts and privileges, and the NVD record lists public exploit references. Affected instances should be remediated as soon as possible.
Recommended defensive actions
- Upgrade GitLab to a version that contains the vendor fix referenced in the GitLab advisory for CVE-2016-4340.
- If immediate upgrade is not possible, restrict access to GitLab to trusted users and networks and review whether impersonation-related functionality can be disabled or limited in your deployment.
- Audit GitLab logs and account activity for signs of unexpected user switching, session reuse, or actions taken under privileged identities.
- Rotate credentials and review access for accounts that may have been impersonated, especially administrator or maintainer accounts.
- Confirm all deployed GitLab instances, including self-managed and staging environments, are on non-vulnerable versions.
Evidence notes
This debrief is based on the supplied NVD metadata and the linked reference list only. The corpus shows affected GitLab versions 8.2.0 through 8.7.0, a remote-authenticated impersonation impact, CVSS 3.0 8.8, and a legacy CWE-264 mapping. The corpus also lists vendor advisory and issue-tracker references, plus public exploit references, but their bodies were not fetched here.
Official resources
- CVE-2016-4340 CVE record (CVE.org)
- CVE-2016-4340 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: Exploit, Third Party Advisory, VDB Entry
- Mitigation or vendor reference: Mitigation, Patch, Vendor Advisory
- Mitigation or vendor reference: Issue Tracking, Patch, Vendor Advisory
- Mitigation or vendor reference: Exploit, Third Party Advisory, VDB Entry
CVE published by NVD/CVE on 2017-01-23 and modified on 2026-05-13. The linked GitLab advisory reference in the corpus is dated 2016-05-02. This debrief relies only on the supplied NVD corpus and reference metadata; vendor page bodies were