Authentication Bypass Vulnerability in GitHub Enterprise Server via SAML Single Sign-On
Key Information
- Vendor: GitHub
- CVE Published: 20 May 2024
Summary
CVE-2024-4985 is a critical authentication bypass in GitHub Enterprise Server (GHES), rated at the maximum severity score of 10.0. It affects instances that use SAML single sign-on (SSO) with the optional encrypted assertions feature enabled; instances using SAML without encrypted assertions, or another authentication mode, are not affected. An attacker who can reach such an instance can obtain unrestricted access without any prior authentication, so the realistic consequences are theft of source code and other sensitive data and disruption of development operations. GitHub fixed the issue in GHES 3.9.15, 3.10.12, 3.11.10 and 3.12.4. Where upgrading is not immediately possible, disabling SAML authentication or the encrypted assertions feature removes the vulnerable condition and serves as a temporary mitigation. At the time the articles below were published there were no confirmed reports of exploitation in the wild, but given the severity, organizations running a vulnerable configuration are advised to patch immediately.
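The exposure condition above has three parts: an unpatched version, SAML SSO enabled, and encrypted assertions enabled. The following triage script, an added example that is not code from GitHub or from the articles, applies the fixed versions listed above to a version string and the two configuration flags. It assumes the operator supplies the SAML flags (they are read from the management console and are not exposed by the API); the `installed_version` field it parses is what GHES returns from `GET /api/v3/meta`, and the JSON sample embedded here is constructed, not captured from a real instance. The one thing worth noticing is the version comparison: `3.10.9` is older than `3.10.12`, but a naive string comparison ranks it newer.

```python
"""Triage a GHES instance for CVE-2024-4985 (added example, not vendor code).

Fixed releases are taken from the advisory summary on this page. Branches the
advisory does not list are reported as needing manual review rather than
assumed safe.
"""
import json
from typing import Tuple

# Patched releases named in the advisory, keyed by (major, minor) branch.
FIXED_VERSIONS = {
    (3, 9): (3, 9, 15),
    (3, 10): (3, 10, 12),
    (3, 11): (3, 11, 10),
    (3, 12): (3, 12, 4),
}


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '3.10.9' into (3, 10, 9).

    Integer tuples compare numerically; comparing the raw strings would
    wrongly treat '3.10.9' as newer than '3.10.12'.
    """
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected GHES version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def assess(version: str, saml_enabled: bool, encrypted_assertions: bool) -> str:
    """Classify an instance as 'patched', 'vulnerable',
    'mitigated-by-config' or 'branch-unknown'."""
    v = parse_version(version)
    fixed = FIXED_VERSIONS.get(v[:2])
    if fixed is None:
        # Not one of the branches the advisory lists fixes for: review by hand.
        return "branch-unknown"
    if v >= fixed:
        return "patched"
    # Unpatched build: the bug is only reachable when both SAML SSO and the
    # optional encrypted assertions feature are enabled.
    if saml_enabled and encrypted_assertions:
        return "vulnerable"
    return "mitigated-by-config"


def assess_from_meta(meta_json: str, saml_enabled: bool,
                     encrypted_assertions: bool) -> str:
    """Same check, driven by the body of GET /api/v3/meta."""
    meta = json.loads(meta_json)
    version = meta.get("installed_version")
    if not version:
        raise ValueError("installed_version missing; not a GHES meta response?")
    return assess(version, saml_enabled, encrypted_assertions)


# Constructed sample of a meta response (hypothetical instance, not real data).
SAMPLE_META = json.dumps({
    "verifiable_password_authentication": False,
    "installed_version": "3.10.9",
})

if __name__ == "__main__":
    # Operator-supplied flags for the hypothetical instance.
    print(assess_from_meta(SAMPLE_META, saml_enabled=True,
                           encrypted_assertions=True))
```

The `mitigated-by-config` result is only as good as the flags you pass in; confirm the SAML settings in the management console rather than from memory, and treat the mitigation as a stopgap until the instance is on a fixed release.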
News Articles
Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel - Help Net Security
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Google fixes yet another Chrome zero-day exploited in
5 months ago
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985) - Help Net Security
A critical vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed.
5 months ago
How to fix CVE-2024-4985 in GitHub Enterprise Server
CVE-2024-4985 is a critical vulnerability in GitHub Enterprise Server. Here's everything you need to know.
5 months ago