Race Condition allows Unauthorized Outside Collaborator
CVE-2023-6803
5.8MEDIUM
Summary
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
Affected Version(s)
Enterprise Server <= 3.8.11
Enterprise Server <= 3.8.11
Enterprise Server <= 3.9.6
Refferences
CVSS V3.1
Score:
5.8
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
Low
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
High
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database
Credit
inspector-ambitious