Update 20240927002

Updated Title with correct formatting. Updated Version list with accurate information. Updated Recommendation hyperlinks with correct formatting.
wagov · Sep 27, 2024 · f119286 · f119286
1 parent ce2d577
commit f119286
Showing 1 changed file with 7 additions and 6 deletions.
diff --git a/docs/advisories/20240927002-GitLab-Critical-Vulnerability.md b/docs/advisories/20240927002-GitLab-Critical-Vulnerability.md
@@ -1,14 +1,14 @@
-# GitLab Critical Vulnerability CVE-2024-45409 - #20240927002
+# GitLab Critical Vulnerability - 20240927002
 
 ## Overview
 
-In a crucial security release, GitLab has addressed a severe vulnerability (CVE-2024-45409) in its Community Edition (CE) and Enterprise Edition (EE) platforms, impacting all self-managed installations.
+GitLab has released critical advisories to addressed a severe vulnerability in its Community Edition (CE) and Enterprise Edition (EE) platforms, impacting all self-managed installations.
 
 ## What is vulnerable?
 
 | Product(s) Affected | Version(s)          | CVE                                                               | CVSS    | Severity     |
 | ------------------- | ------------------- | ----------------------------------------------------------------- | ------- | ------------ |
-| GitLab CE/EE        | 17.x.x and 16.11.10 | [CVE-2024-45409](https://nvd.nist.gov/vuln/detail/CVE-2024-45409) | **9.8** | **Critical** |
+| GitLab CE/EE        | 17.3 < 17.3.3 <br> 17.2 < 17.2.7 <br> 17.1 < 17.1.8 <br> 17.0 < 17.0.8 <br> all versions < 16.11.10 | [CVE-2024-45409](https://nvd.nist.gov/vuln/detail/CVE-2024-45409) | **9.8** | **Critical** |
 
 ## What has been observed?
 
@@ -18,8 +18,9 @@ There is no evidence of exploitation affecting Western Australian Government net
 
 The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of *48 hours...* (refer [Patch Management](../guidelines/patch-management.md)).
 
+- Github advisory: <https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq>
+- Github advisory: <https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2>
+
 ## Additional References
 
-- [GitLab backports fix for CVE-2024-45409 to older versions](https://securityonline.info/gitlab-backports-fix-for-cve-2024-45409-to-older-versions/)
-- https://github.com/omniauth/omniauth-saml/security/advisories/GHSA-cvp8-5r8g-fhvq
-- https://github.com/SAML-Toolkits/ruby-saml/security/advisories/GHSA-jw9c-mfg7-9rx2
+- SecurityOnline article: <https://securityonline.info/gitlab-backports-fix-for-cve-2024-45409-to-older-versions/>