GitHub has rolled out updates to resolve three security vulnerabilities affecting its Enterprise Server product, including a critical flaw that could be exploited to obtain site administrator privileges.
The most severe issue, identified as CVE-2024-6800, has been rated with a CVSS score of 9.5.
According to GitHub's advisory, "On instances of GitHub Enterprise Server utilizing SAML single sign-on (SSO) authentication with specific identity providers (IdPs) that expose signed federation metadata XML publicly, an attacker could craft a SAML response to either provision or gain access to a user account with site administrator privileges."
Additionally, the Microsoft-owned company has fixed two medium-severity vulnerabilities:
- CVE-2024-7711 (CVSS score: 5.3) – An authorization flaw allowing attackers to modify the title, assignees, and labels of any issue in a public repository.
- CVE-2024-6337 (CVSS score: 5.9) – An authorization issue that could allow attackers to access issue details from a private repository through a GitHub App holding only the "contents: read" and "pull requests: write" permissions.
All three flaws have been patched in GHES versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16.
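For defenders triaging an appliance inventory, the fixed releases above map onto a simple per-release-line check. The following is an added example for this page, not GitHub's code: it parses a GHES version string as MAJOR.MINOR.PATCH and compares it against the minimum patched release of its line. The host names and versions in the inventory are constructed, and any release line the advisory does not name (for example 3.9.x or 3.14.x) is reported as "not covered" rather than guessed at, since the article says nothing about those lines.

```python
"""Check GitHub Enterprise Server (GHES) version strings against the fixed
releases named in the advisory: 3.13.3, 3.12.8, 3.11.14 and 3.10.16.

Added triage example, not GitHub's own tooling. Release lines that the
advisory does not mention are reported as "not covered", not as safe.
"""
import re

# Minimum patched release per supported line, taken from the article.
FIXED_RELEASES = {
    (3, 13): (3, 13, 3),
    (3, 12): (3, 12, 8),
    (3, 11): (3, 11, 14),
    (3, 10): (3, 10, 16),
}

# Accepts "3.12.7" or "v3.12.7"; anything else is rejected rather than guessed.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def parse_version(text: str) -> tuple:
    """Parse a GHES version string into a comparable (major, minor, patch) tuple."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised GHES version string: {text!r}")
    return tuple(int(g) for g in m.groups())


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'not covered' for one GHES version.

    'not covered' means the release line is not named in the advisory, so
    this check cannot say anything about it either way.
    """
    major, minor, patch = parse_version(version)
    fixed = FIXED_RELEASES.get((major, minor))
    if fixed is None:
        return "not covered"
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"


def assess_inventory(inventory: dict) -> dict:
    """Map each host name in a {host: version} inventory to its assessment."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical host names and versions).
    sample = {
        "ghes-a": "3.13.2",   # one patch behind the fixed release
        "ghes-b": "v3.12.8",  # exactly the fixed release
        "ghes-c": "3.10.15",  # below the fixed release on the 3.10 line
        "ghes-d": "3.9.20",   # release line not named in the advisory
    }
    for host, verdict in assess_inventory(sample).items():
        print(f"{host}: {sample[host]} -> {verdict}")
```

Feed it the version reported by each appliance's management console and treat anything other than "patched" as needing attention; "not covered" lines should be checked against GitHub's release notes directly rather than assumed safe.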
In May, GitHub addressed another critical vulnerability (CVE-2024-4985, CVSS score: 10.0) that allowed unauthorized access to an instance without prior authentication.
Organizations using a vulnerable self-hosted version of GHES are strongly urged to upgrade to the latest version to protect against these security risks.
Source: TheHackerNews