Lucene search
GitHub_PCVELIST:CVE-2020-10516HistoryJun 03, 2020 - 1:31 p.m.
CVE-2020-10516 Improper access control in GitHub Enterprise Server leading to privilege escalation of organization member
2020-06-0313:31:24
CWE-285
GitHub_P
www.cve.org
3
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories within an organization. This vulnerability affected all versions of GitHub Enterprise Server prior to 2.21 and was fixed in 2.20.9, 2.19.15, and 2.18.20. This vulnerability was reported via the GitHub Bug Bounty program.
CNA Affected
[
{
"product": "GitHub Enterprise Server",
"vendor": "GitHub",
"versions": [
{
"lessThan": "2.20.9",
"status": "affected",
"version": "2.20",
"versionType": "custom"
},
{
"lessThan": "2.19.15",
"status": "affected",
"version": "2.19",
"versionType": "custom"
},
{
"lessThan": "2.18.20",
"status": "affected",
"version": "2.18",
"versionType": "custom"
}
]
}
]Related
nvd
nvd
CVE-2020-10516
2020-06-03 14:15:12
prion
prion
Improper access control
2020-06-03 14:15:00
cve
cve
CVE-2020-10516
2020-06-03 14:15:12