GitHub fixes several vulnerabilities including CVE-2024-6800


GitHub has addressed several vulnerabilities in GitHub Enterprise Server (GHES) that could have allowed attackers to gain unauthorized access and manipulate repositories.

The most critical, tracked as CVE-2024-6800 with a CVSSv4 score of 9.5, resided in GHES's SAML authentication mechanism. An attacker with direct network access to the instance could forge a SAML response and grant themselves site administrator privileges, bypassing authentication entirely and leaving the instance open to full compromise.


The second, CVE-2024-6337 with a CVSSv4 score of 5.9, allowed a GitHub App with limited permissions to read issue content in private repositories, a clear violation of the intended access controls. Although exploitation requires a user access token, it still represents a significant privacy breach.

The third, CVE-2024-7711 with a CVSSv4 score of 5.3, enabled attackers to modify issue titles, assignees, and labels in public repositories, disrupting workflows and causing confusion.

All vulnerabilities affected GHES versions prior to 3.14 and have been addressed in the latest security updates: 3.13.3, 3.12.8, 3.11.14, and 3.10.16. Users are strongly urged to update their installations immediately to mitigate the risk of exploitation.
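As an added example (not from the article or from GitHub), a small triage script that maps a GHES version string against the fixed releases listed above and reports whether an instance still needs the update; it assumes the version string is supplied by the operator (for example copied from the management console) rather than fetched from the instance.

```python
"""Triage a GitHub Enterprise Server version against the fixed releases for
CVE-2024-6800, CVE-2024-6337 and CVE-2024-7711 (fix versions from the advisory)."""

# First patched release on each supported 3.x branch, as listed in the advisory.
FIXED_RELEASES = {
    (3, 10): (3, 10, 16),
    (3, 11): (3, 11, 14),
    (3, 12): (3, 12, 8),
    (3, 13): (3, 13, 3),
}
# The advisory states that only versions prior to 3.14 are affected.
FIRST_UNAFFECTED = (3, 14)


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'X.Y.Z' (an optional leading 'v' is tolerated) into integers."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GHES version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def assess(version: str) -> str:
    """Return 'unaffected', 'patched', 'vulnerable' or 'no-fix-listed'.

    'no-fix-listed' covers affected branches older than 3.10, for which the
    advisory names no patched release; the remediation there is a branch upgrade.
    """
    major, minor, patch = parse_version(version)
    if (major, minor) >= FIRST_UNAFFECTED:
        return "unaffected"
    fixed = FIXED_RELEASES.get((major, minor))
    if fixed is None:
        return "no-fix-listed"
    return "patched" if (major, minor, patch) >= fixed else "vulnerable"


if __name__ == "__main__":
    import sys
    # Constructed sample versions are used when none are given on the command line.
    for v in sys.argv[1:] or ["3.13.2", "3.13.3", "3.11.14", "3.9.5", "3.14.0"]:
        print(f"{v}: {assess(v)}")
```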

For more information, refer to the official GitHub security advisories.
