CVE-2022-23737

🗓️ 01 Dec 2022 00:00:00Reported by GitHub_PType

Improper privilege management vulnerability in GitHub Enterprise Server allows unauthorized users to create or delete pages via API

Reporter	Title	Published	Views	Family All 9
CNNVD	GitHub Enterprise Server 安全漏洞	1 Dec 202200:00	–	cnnvd
Cvelist	CVE-2022-23737 Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion	1 Dec 202200:00	–	cvelist
EUVD	EUVD-2022-28673	3 Oct 202520:07	–	euvd
Hacker One	GitHub: Managing Pages	3 Sep 202214:38	–	hackerone
NVD	CVE-2022-23737	1 Dec 202221:15	–	nvd
Prion	Privilege escalation	1 Dec 202221:15	–	prion
Positive Technologies	PT-2022-16240 · Github · Github Enterprise Server	1 Dec 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-23737	9 Jan 202610:53	–	redhatcve
Vulnrichment	CVE-2022-23737 Improper Privilege Management in GitHub Enterprise Server leading to page creation and deletion	1 Dec 202200:00	–	vulnrichment

NVD

Vulners

Node

github enterprise_serverRange<3.2.20

github enterprise_serverRange3.3.0–3.3.15

github enterprise_serverRange3.4.0–3.4.10

github enterprise_serverRange3.5.0–3.5.7

github enterprise_serverRange3.6.0–3.6.3

[
  {
    "vendor": "GitHub",
    "product": "GitHub Enterprise Server",
    "versions": [
      {
        "version": "3.2",
        "status": "affected",
        "lessThan": "3.2.20",
        "versionType": "custom"
      },
      {
        "version": "3.3",
        "status": "affected",
        "lessThan": "3.3.15",
        "versionType": "custom"
      },
      {
        "version": "3.4",
        "status": "affected",
        "lessThan": "3.4.10",
        "versionType": "custom"
      },
      {
        "version": "3.5",
        "status": "affected",
        "lessThan": "3.5.7",
        "versionType": "custom"
      },
      {
        "version": "3.6",
        "status": "affected",
        "lessThan": "3.6.3",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
docs	www.docs.github.com/en/enterprise-server%403.4/admin/release-notes
docs	www.docs.github.com/en/enterprise-server%403.5/admin/release-notes
docs	www.docs.github.com/en/enterprise-server%403.6/admin/release-notes
docs	www.docs.github.com/en/enterprise-server%403.2/admin/release-notes
docs	www.docs.github.com/en/enterprise-server%403.3/admin/release-notes

24 Apr 2025 15:15Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.5

EPSS0.00132

SSVC

CWE-269