Critical Authentication Bypass Flaw Detected in GitHub Enterprise Server
August 21, 2024
A critical vulnerability affecting multiple versions of GitHub Enterprise Server could allow an attacker to bypass authentication and gain site administrator privileges. Tracked as CVE-2024-6800, it carries a CVSS 4.0 score of 9.5. The flaw is an XML signature wrapping issue in GHES's handling of Security Assertion Markup Language (SAML) single sign-on when the instance is used with certain identity providers. In this class of bug the service verifies the signature over one part of a SAML response but reads the identity data from another, unsigned part, so an attacker who can obtain a legitimately signed response can wrap it with forged content and have the instance accept an identity the identity provider never signed. Only instances configured for SAML authentication are affected, and exploitability depends on the identity provider in use.
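The pattern behind an XML signature wrapping bug, as an added illustration rather than code from GitHub or the exploit for CVE-2024-6800: a consumer verifies the signature over the element its Reference URI points at, then reads the subject through a different path, so an attacker can leave the signed assertion untouched and prepend an unsigned one. The SAML response, the attacker's wrapping step and the function names below are constructed for the example, and a SHA-256 over the canonical form of the referenced element stands in for real XMLDSig verification (C14N plus an RSA or ECDSA check via xmlsec), because the bug lives in which element is verified versus consumed, not in the cryptography.

```python
"""XML signature wrapping (XSW) against a SAML consumer: vulnerable and hardened readers.

Constructed example. Namespaces are the real SAML/XMLDSig ones, everything else
(element layout, IDs, the toy digest in place of a signature) is an assumption.
Requires Python 3.8+ for xml.etree.ElementTree.canonicalize.
"""
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
for _prefix, _uri in NS.items():
    ET.register_namespace(_prefix, _uri)

SAML_ASSERTION = "{%s}Assertion" % NS["saml"]


def toy_digest(elem):
    """Stand-in for signature verification: SHA-256 over the C14N form of `elem`.

    A real verifier canonicalises the referenced element and checks an RSA/ECDSA
    signature over its digest with xmlsec; this is deliberately not XMLDSig.
    """
    canonical = ET.canonicalize(ET.tostring(elem, encoding="unicode"), rewrite_prefixes=True)
    return hashlib.sha256(canonical.encode()).hexdigest()


def build_idp_response(subject, assertion_id="_a1"):
    """Constructed sample of what a (toy) identity provider emits for `subject`."""
    root = ET.Element("{%s}Response" % NS["samlp"], ID="_r1")
    assertion = ET.SubElement(root, SAML_ASSERTION, ID=assertion_id)
    subj = ET.SubElement(assertion, "{%s}Subject" % NS["saml"])
    ET.SubElement(subj, "{%s}NameID" % NS["saml"]).text = subject
    # Signature lives in the Response and references the assertion by ID.
    sig = ET.SubElement(root, "{%s}Signature" % NS["ds"])
    ref = ET.SubElement(sig, "{%s}Reference" % NS["ds"], URI="#" + assertion_id)
    ET.SubElement(ref, "{%s}DigestValue" % NS["ds"]).text = toy_digest(assertion)
    return ET.tostring(root, encoding="unicode")


def wrap_with_forged_assertion(response_xml, forged_subject):
    """Constructed attack step: keep the signed assertion byte-for-byte intact and
    prepend an unsigned assertion naming someone else. The signature still
    validates because its Reference URI still points at the untouched original."""
    root = ET.fromstring(response_xml)
    evil = ET.Element(SAML_ASSERTION, ID="_evil")
    subj = ET.SubElement(evil, "{%s}Subject" % NS["saml"])
    ET.SubElement(subj, "{%s}NameID" % NS["saml"]).text = forged_subject
    root.insert(0, evil)
    return ET.tostring(root, encoding="unicode")


def verify_signature(root):
    """Return the element the signature covers, or None if verification fails."""
    ref = root.find("./ds:Signature/ds:Reference", NS)
    if ref is None or not ref.get("URI", "").startswith("#"):
        return None
    ref_id = ref.get("URI")[1:]
    candidates = [e for e in root.iter() if e.get("ID") == ref_id]
    if len(candidates) != 1:  # duplicated IDs are another classic XSW variant
        return None
    signed = candidates[0]
    expected = ref.findtext("ds:DigestValue", default="", namespaces=NS)
    return signed if toy_digest(signed) == expected else None


def naive_authenticated_subject(response_xml):
    """Vulnerable pattern: verify *a* signature, then look the subject up by a
    separate path through the document (here: the first Assertion)."""
    root = ET.fromstring(response_xml)
    if verify_signature(root) is None:
        return None
    return root.findtext("./saml:Assertion/saml:Subject/saml:NameID", namespaces=NS)


def hardened_authenticated_subject(response_xml):
    """Hardened pattern: use only the element the signature actually covers, and
    refuse documents whose shape admits a second reading."""
    root = ET.fromstring(response_xml)
    signed = verify_signature(root)
    if signed is None or signed.tag != SAML_ASSERTION:
        return None
    if signed not in list(root):  # signed assertion must sit directly under Response
        return None
    if len(root.findall(".//saml:Assertion", NS)) != 1:  # exactly one assertion
        return None
    return signed.findtext("saml:Subject/saml:NameID", namespaces=NS)


if __name__ == "__main__":
    legit = build_idp_response("alice")
    wrapped = wrap_with_forged_assertion(legit, "admin")
    print("naive, legit   :", naive_authenticated_subject(legit))
    print("naive, wrapped :", naive_authenticated_subject(wrapped))
    print("hardened, wrapped:", hardened_authenticated_subject(wrapped))
```

The naive reader accepts the wrapped response and logs in "admin"; the hardened one rejects it while still accepting the untouched response and still rejecting a response whose signed content was edited. Real SAML libraries add further checks (Audience, Conditions, InResponseTo, assertion-level signatures, enveloped-signature transforms), but the rule that the consumed element must be the verified element is what XSW bypasses.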
GitHub Enterprise Server (GHES) is the self-hosted edition of GitHub, used by organizations that cannot or prefer not to run on GitHub's cloud service and want to keep access and security controls under their own management. The FOFA search engine, which indexes network assets exposed on the public internet, lists more than 36,500 GHES instances reachable online, the majority of them (29,200) in the United States. FOFA identifies instances by their service banner rather than their patch level, so it is not known how many of these exposed instances run a vulnerable version or have SAML authentication enabled.
GitHub fixed the flaw in GHES versions 3.13.3, 3.12.8, 3.11.14 and 3.10.16; administrators on any of those release lines should upgrade to at least the listed patch release. The same releases also close two other vulnerabilities, both rated medium severity. All three issues were reported through GitHub's bug bounty program on the HackerOne platform.
GitHub warns that some services may report errors during the configuration run that follows the update, although the instance should still start correctly. The release notes also list known issues involving log entries, memory usage and service interruptions during specific operations, so administrators should read the 'Known issues' section before applying the update.