GitHub Enterprise Server XML Signature Wrapping Vulnerability
CVE-2024-6800
What is CVE-2024-6800?
CVE-2024-6800 is a critical XML signature wrapping (XSW) vulnerability in GitHub Enterprise Server. On instances that use SAML single sign-on (SSO) with certain identity providers, an attacker could forge a SAML response that passes signature validation and thereby provision, or gain access to, a user account with site administrator privileges. All versions prior to 3.14 are affected; the issue is fixed in 3.13.3, 3.12.8, 3.11.14 and 3.10.16. No in-the-wild exploitation has been reported and no ransomware activity is associated with this CVE, but organizations running an affected release are advised to upgrade to a patched version.
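The mechanism behind a signature-wrapping bypass is easier to see in code than in prose. The following is an added, generic model written for this page; it is not GitHub's code and does not reproduce the specific bypass used in CVE-2024-6800. To stay dependency-free it replaces XMLDSig and C14N with an HMAC-SHA256 over the serialized bytes of the element a ds:Reference URI points at, keyed with a constructed secret (IDP_KEY) that stands in for the identity provider's signing key. The structural point it models is the real one: a signature vouches only for the element its Reference names, so a service provider that verifies "the signature" and then fetches the assertion by a different lookup can be handed an unsigned assertion the attacker inserted. All SAML messages and account names below are constructed.

```python
import copy
import hashlib
import hmac
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
for _p, _u in NS.items():
    ET.register_namespace(_p, _u)

IDP_KEY = b"constructed-idp-signing-secret"  # constructed; stands in for the IdP key


class SamlError(Exception):
    pass


def _q(prefix, local):
    """Clark-notation tag name for ElementTree."""
    return "{%s}%s" % (NS[prefix], local)


def canon(elem):
    """Stand-in for C14N plus the enveloped-signature transform:
    serialize the element with any direct ds:Signature child removed."""
    clone = copy.deepcopy(elem)
    for sig in clone.findall("ds:Signature", NS):
        clone.remove(sig)
    return ET.tostring(clone)


def idp_build_response(name_id, assertion_id="_a1"):
    """IdP side: one Assertion carrying an enveloped signature over itself."""
    resp = ET.Element(_q("samlp", "Response"))
    assertion = ET.SubElement(resp, _q("saml", "Assertion"), ID=assertion_id)
    subject = ET.SubElement(assertion, _q("saml", "Subject"))
    ET.SubElement(subject, _q("saml", "NameID")).text = name_id
    sig = ET.SubElement(assertion, _q("ds", "Signature"))
    info = ET.SubElement(sig, _q("ds", "SignedInfo"))
    ET.SubElement(info, _q("ds", "Reference"), URI="#" + assertion_id)
    mac = hmac.new(IDP_KEY, canon(assertion), hashlib.sha256).hexdigest()
    ET.SubElement(sig, _q("ds", "SignatureValue")).text = mac
    return ET.tostring(resp)


def verify_signature(doc, sig):
    """Check one ds:Signature and return the element it actually covers."""
    ref = sig.find("ds:SignedInfo/ds:Reference", NS)
    value = sig.find("ds:SignatureValue", NS)
    if ref is None or value is None or not ref.get("URI", "").startswith("#"):
        raise SamlError("malformed signature")
    ref_id = ref.get("URI")[1:]
    targets = [e for e in doc.iter() if e.get("ID") == ref_id]
    if len(targets) != 1:
        raise SamlError("reference does not resolve to exactly one element")
    expected = hmac.new(IDP_KEY, canon(targets[0]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, value.text or ""):
        raise SamlError("bad signature")
    return targets[0]


def name_id(assertion):
    return assertion.find("saml:Subject/saml:NameID", NS).text


def vulnerable_login(xml_bytes):
    """Verifies 'a' signature found anywhere, then reads the *first* Assertion
    by document position. Nothing ties the two lookups together."""
    doc = ET.fromstring(xml_bytes)
    sig = doc.find(".//ds:Signature", NS)
    if sig is None:
        raise SamlError("unsigned response")
    verify_signature(doc, sig)
    return name_id(doc.find(".//saml:Assertion", NS))


def hardened_login(xml_bytes):
    """Exactly one Assertion, the signature is that Assertion's own child, and
    the element the Reference resolves to must be that very Assertion object."""
    doc = ET.fromstring(xml_bytes)
    assertions = doc.findall(".//saml:Assertion", NS)
    if len(assertions) != 1:
        raise SamlError("expected exactly one Assertion")
    assertion = assertions[0]
    sig = assertion.find("ds:Signature", NS)
    if sig is None:
        raise SamlError("Assertion is not signed")
    if verify_signature(doc, sig) is not assertion:
        raise SamlError("signature covers a different element")
    return name_id(assertion)


def attacker_wrap(legit_response, victim):
    """XSW: keep the IdP-signed Assertion intact so its signature still
    verifies, and prepend an unsigned Assertion naming the victim."""
    doc = ET.fromstring(legit_response)
    forged = ET.Element(_q("saml", "Assertion"), ID="_forged")
    subject = ET.SubElement(forged, _q("saml", "Subject"))
    ET.SubElement(subject, _q("saml", "NameID")).text = victim
    doc.insert(0, forged)
    return ET.tostring(doc)


def outcome(login, xml_bytes):
    """Result of a login attempt as a string, for side-by-side comparison."""
    try:
        return "login as " + login(xml_bytes)
    except SamlError as exc:
        return "rejected: " + str(exc)


def demo():
    legit = idp_build_response("lowpriv@example.test")        # constructed
    wrapped = attacker_wrap(legit, "siteadmin@example.test")  # constructed
    return {
        "vulnerable/legit": outcome(vulnerable_login, legit),
        "vulnerable/wrapped": outcome(vulnerable_login, wrapped),
        "hardened/legit": outcome(hardened_login, legit),
        "hardened/wrapped": outcome(hardened_login, wrapped),
    }


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:20} {result}")
```

The vulnerable consumer accepts the wrapped response as the site-admin victim because the only signature in the document is still valid for the assertion it references; the hardened consumer rejects it before the signature is even checked, and would also reject a response in which the signature sits somewhere other than inside the single assertion it covers. Real deployments get the same guarantees from a SAML library that resolves the Reference URI and returns only the covered element; the check to confirm is that the assertion your application reads is the object the library reports as signed, not merely that some signature in the message verified.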
Affected Version(s)
GitHub Enterprise Server 3.13.0 through 3.13.2 (fixed in 3.13.3)
GitHub Enterprise Server 3.12.0 through 3.12.7 (fixed in 3.12.8)
GitHub Enterprise Server 3.11.x prior to 3.11.14 (fixed in 3.11.14)
GitHub Enterprise Server 3.10.x prior to 3.10.16 (fixed in 3.10.16)
News Articles
Critical GitHub Enterprise Server auth bypass flaw fixed (CVE-2024-6800) - Help Net Security
A critical vulnerability (CVE-2024-6800) in GitHub Enterprise Server may allow attackers to gain access to the instance's contents.