Authentication Bypass Vulnerability in GitHub Enterprise Server via SAML Single Sign-On

Summary

The CVE-2024-4985 vulnerability affects GitHub Enterprise Server (GHES) and is a critical authentication bypass issue with a severity score of 10.0. This vulnerability allows attackers to gain unrestricted access to GHES instances using SAML single sign-on (SSO) authentication with the optional encrypted assertions feature enabled. Exploitation of the vulnerability can result in unauthorized access without requiring prior authentication. The impact of the vulnerability is substantial and can lead to theft of sensitive data, breaches of confidential information, and significant disruptions to development operations. The vulnerability has been fixed in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4 of GHES, and disabling SAML authentication or the encrypted assertions feature can serve as a temporary mitigation. At the time of the articles' publication, there were no confirmed reports of the vulnerability being actively exploited in the wild. Organizations using vulnerable GHES configurations are advised to apply the patches immediately to secure their systems.

News Articles

Help Net Security

CVE-2024-5274CVE-2024-4985

Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in

6 months ago

Help Net Security

CVE-2024-4985

GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) - Help Net Security

A critical vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed.

6 months ago

Vulcan Cyber

CVE-2024-4985

How to fix CVE-2024-4985 in GitHub Enterprise Server

CVE-2024-4985 is a critical vulnerability in GitHub Enterprise Server. Here's everything you need to know.

6 months ago

More News...