Published On: May 23, 2024 07:16
Advisory No: TZCERT/SA/2024/05/23
Source: GitHub
Software Affected: GitHub Enterprise Server (GHES) prior to Version 3.13.0
Date of First Release: 23rd May 2024
Overview:
GitHub Enterprise Server (GHES) versions prior to 3.13.0 are affected by a critical authentication bypass vulnerability. The vulnerability allows unauthorized access to the instance without requiring prior authentication.
Description:
An authentication bypass vulnerability, identified as CVE-2024-4985, was discovered in GitHub Enterprise Server (GHES) when SAML single sign-on (SSO) authentication is used with the optional encrypted assertions feature. The vulnerability allows an attacker to forge a SAML response, which can then be used to provision, and gain access to, a user account with site administrator privileges. This critical flaw could enable attackers to bypass the authentication mechanism and gain unauthorized access to the GHES instance without prior authentication. The vulnerability has a CVSS score of 10.0 and is rated critical.
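The general failure mode behind this class of bug, as an added illustration that is not part of the advisory and is neither GHES code nor GitHub's fix: an SP that treats a successfully decrypted assertion as trustworthy, versus one that also requires the assertion to carry a valid IdP signature. Everything in the block is constructed: base64 stands in for XML-Encryption, HMAC-SHA256 stands in for XML-DSig over the IdP certificate, the element names are simplified SAML, and the key and account names are made up.

```python
"""Why an encrypted SAML assertion is not proof of origin.

Constructed example (not GHES code). "Encryption" is a base64 stand-in for
XML-Enc; anyone holding the SP's public key could produce real ciphertext just
as easily. "Signature" is an HMAC-SHA256 stand-in for an XML-DSig made with the
IdP's private key. The validation logic, not the primitives, is the point.
"""
import base64
import hashlib
import hmac
import xml.etree.ElementTree as ET
from typing import Optional

IDP_SIGNING_KEY = b"constructed-idp-signing-key"  # stand-in for the IdP's private key


def encrypt_assertion(assertion_xml: str) -> str:
    """Stand-in for XML-Enc to the SP's public key (no secret needed)."""
    return base64.b64encode(assertion_xml.encode()).decode()


def decrypt_assertion(blob: str) -> str:
    """Stand-in for the SP decrypting with its private key."""
    return base64.b64decode(blob).decode()


def sign_assertion(assertion_xml: str, key: bytes) -> str:
    """Stand-in for an XML-DSig over the assertion with the IdP's private key."""
    return hmac.new(key, assertion_xml.encode(), hashlib.sha256).hexdigest()


def build_response(assertion_xml: str, signature: Optional[str]) -> str:
    """Wrap an assertion in a minimal Response; the Signature element is optional."""
    sig_elem = f"<Signature>{signature}</Signature>" if signature else ""
    return (f"<Response>{sig_elem}"
            f"<EncryptedAssertion>{encrypt_assertion(assertion_xml)}</EncryptedAssertion>"
            f"</Response>")


def attributes_of(assertion: ET.Element) -> dict:
    """Pull the identity claims an SP would act on (constructed attribute names)."""
    return {
        "name_id": assertion.findtext("Subject/NameID"),
        "administrator": assertion.findtext("Attribute[@Name='administrator']") == "true",
    }


def validate_weak(response_xml: str) -> Optional[dict]:
    """Flawed: accepts whatever decrypts, confusing confidentiality with authenticity."""
    root = ET.fromstring(response_xml)
    enc = root.find("EncryptedAssertion")
    if enc is None or not enc.text:
        return None
    return attributes_of(ET.fromstring(decrypt_assertion(enc.text)))


def validate_strict(response_xml: str, idp_key: bytes) -> Optional[dict]:
    """Correct: a missing or invalid IdP signature rejects the response outright."""
    root = ET.fromstring(response_xml)
    enc = root.find("EncryptedAssertion")
    sig = root.find("Signature")
    if enc is None or not enc.text or sig is None or not sig.text:
        return None  # unsigned: reject before reading a single attribute
    plaintext = decrypt_assertion(enc.text)
    expected = sign_assertion(plaintext, idp_key)
    if not hmac.compare_digest(expected, sig.text):
        return None  # signed by someone other than the IdP
    return attributes_of(ET.fromstring(plaintext))


def genuine_response() -> str:
    """Constructed: an assertion the IdP actually issued and signed."""
    assertion = ('<Assertion><Subject><NameID>alice@example.test</NameID></Subject>'
                 '<Attribute Name="administrator">false</Attribute></Assertion>')
    return build_response(assertion, sign_assertion(assertion, IDP_SIGNING_KEY))


def forged_response(signed_with: Optional[bytes] = None) -> str:
    """Constructed: an assertion built without the IdP key that claims admin rights."""
    assertion = ('<Assertion><Subject><NameID>mallory@example.test</NameID></Subject>'
                 '<Attribute Name="administrator">true</Attribute></Assertion>')
    signature = sign_assertion(assertion, signed_with) if signed_with else None
    return build_response(assertion, signature)


if __name__ == "__main__":
    print("weak, forged  :", validate_weak(forged_response()))
    print("strict, forged:", validate_strict(forged_response(), IDP_SIGNING_KEY))
    print("strict, genuine:", validate_strict(genuine_response(), IDP_SIGNING_KEY))
```

Decrypting an EncryptedAssertion proves only that it was encrypted to the SP's public key, which any party can obtain from the SP's metadata; only a signature verified against the IdP's certificate proves the IdP issued it. A validator that accepts on successful decryption, or that checks a signature only when one happens to be present, accepts the forged assertion above and would provision whatever account and privileges it names. The strict validator rejects a missing signature rather than skipping the check, which is the property a defender should confirm for any SP configured for encrypted assertions.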
Impact:
Successful exploitation of this vulnerability allows an attacker to gain unauthorized access to the GHES instance. This may extend to exposure of sensitive data, disruption of operations and/or further exploitation, since an attacker could modify, delete or inject malicious code into repositories.
Solution:
GitHub has released security patches for this vulnerability. Users and administrators are encouraged to apply the necessary updates.
References: