Critical Authentication Bypass Flaw Detected in GitHub Enterprise Server

August 21, 2024

A high-risk vulnerability has been discovered in several versions of GitHub Enterprise Server that could be exploited by an attacker to bypass authentication and obtain administrative access. The flaw is tracked as CVE-2024-6800 and has been assigned a severity rating of 9.5 under the CVSS 4.0 standard. It is characterized as an XML signature wrapping issue that arises when the Security Assertion Markup Language (SAML) authentication standard is used with certain identity providers.
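XML signature wrapping comes down to a mismatch between the element whose signature the verifier checks and the element whose contents the service provider trusts. The following is an added example, not GitHub's code: it shows the structural check a SAML consumer can make alongside the cryptographic signature verification (assumed to be done separately by a library such as python-xmlsec), using a constructed minimal Response with a placeholder SignatureValue.

```python
# Structural pre-check against XML Signature Wrapping (XSW) in SAML Responses.
# Added example, not GitHub's code. Cryptographic verification of the Signature is
# assumed to happen elsewhere; this only pins the consumed Assertion to the signed one.
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def select_signed_assertion(response_xml: str):
    """Return (accepted, reason, name_id) for a SAML Response document."""
    root = ET.fromstring(response_xml)
    # Search the whole document, not just the expected location: a wrapped
    # Assertion may sit inside Extensions, ds:Object or any other subtree.
    assertions = root.findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        return False, f"expected exactly one Assertion, found {len(assertions)}", None
    assertion = assertions[0]
    sig = assertion.find("ds:Signature", NS)  # must be enveloped in the Assertion itself
    if sig is None:
        return False, "Assertion carries no enveloped Signature", None
    refs = sig.findall("ds:SignedInfo/ds:Reference", NS)
    if len(refs) != 1 or refs[0].get("URI") != "#" + (assertion.get("ID") or ""):
        return False, "Signature Reference does not point at the consumed Assertion", None
    # The referenced ID must be unique, or an ID-based verifier may resolve it elsewhere.
    if sum(1 for el in root.iter() if el.get("ID") == assertion.get("ID")) != 1:
        return False, "Assertion ID is not unique in the document", None
    return True, "ok", assertion.findtext("saml:Subject/saml:NameID", namespaces=NS)

def sample_response(extra: str = "") -> str:
    """Constructed minimal Response; PLACEHOLDER stands in for a real SignatureValue."""
    return (
        f'<samlp:Response xmlns:samlp="{NS["samlp"]}" xmlns:saml="{NS["saml"]}" '
        f'xmlns:ds="{NS["ds"]}" ID="_r1">{extra}'
        '<saml:Assertion ID="_a1"><ds:Signature><ds:SignedInfo>'
        '<ds:Reference URI="#_a1"/></ds:SignedInfo>'
        '<ds:SignatureValue>PLACEHOLDER</ds:SignatureValue></ds:Signature>'
        '<saml:Subject><saml:NameID>alice</saml:NameID></saml:Subject>'
        '</saml:Assertion></samlp:Response>'
    )

# Constructed test fixture: a second, unsigned Assertion anywhere in the document
# must cause rejection, whatever subject it names.
WRAPPED_EXTRA = ('<samlp:Extensions><saml:Assertion ID="_a2"><saml:Subject><saml:NameID>'
                 'someone-else</saml:NameID></saml:Subject></saml:Assertion></samlp:Extensions>')
```

The first fixture is accepted with the name ID `alice`; the wrapped one is rejected because two Assertion elements are present, before any signature is even examined.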

GitHub Enterprise Server (GHES) is an on-premises version of GitHub designed for businesses that either lack the necessary expertise to work with the public cloud or prefer to manage their own access and security controls. The FOFA search engine, which is used to identify network assets exposed on the public web, has found over 36,500 GHES instances accessible online, with the majority (29,200) located in the United States. However, it remains uncertain how many of these exposed GHES instances are running a version of the software that is susceptible to the vulnerability.

GitHub has addressed this issue in the 3.13.3, 3.12.8, 3.11.14, and 3.10.16 versions of GHES. These updated GHES versions also include fixes for two other vulnerabilities, both of which have been assigned a medium severity rating. All three of these security issues were reported through GitHub's Bug Bounty program on the HackerOne platform.

GitHub has issued a warning that some services may display errors during the configuration process after the security updates have been applied, but the instances should still start correctly. The bulletin also notes several issues related to log entries, memory utilization, and service interruptions during specific operations, so system administrators are advised to review the 'Known issues' section before applying the update.
