Improper privilege management in all versions of GitHub Enterprise Server allows users with authorized access to the management console with an editor role to escalate their privileges by making requests to the endpoint used for bootstrapping the instance.
CVE-2023-46647
The Manage:App Rails controller of the GitHub Management Console featured a method `post "/start"`, which was accessible by both editors and operators (and of course by site admins as well). This method allowed changing the license of the deployment and also resetting the site admin password. A malicious or compromised editor account could therefore escalate its privileges to site admin and access the GHES deployment without any restrictions.
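The root cause described above is an authorization check that is too loose for what the endpoint does: a route meant for first-time bootstrapping stays reachable, with the same effect, by every console role after setup. The following is an added illustration, not GitHub's code, of the two policies side by side in plain Ruby (no Rails): a weak policy that admits any authenticated console role, and a hardened one that treats the bootstrap route as setup-only and, once the instance is bootstrapped, restricts license changes and credential resets to site admins. `ROLE_RANK`, `Instance`, `attempt_start` and the policy lambdas are hypothetical names chosen for the example.

```ruby
# Added example: modelling the role check a bootstrap endpoint should enforce.
# All names here are hypothetical; this is not the Management Console's code.

# Console roles the description mentions, in rough order of privilege.
ROLE_RANK = { "editor" => 1, "operator" => 2, "site_admin" => 3 }.freeze

# Minimal state touched by the bootstrap route: whether setup has already run,
# the current license, and a stand-in for the site admin credential.
Instance = Struct.new(:bootstrapped, :license, :admin_credential, keyword_init: true)

# Weak policy, modelled on the vulnerability: any known console role may call
# the bootstrap route at any time, so an editor can reset the admin credential.
WEAK_POLICY = ->(role, _instance) { ROLE_RANK.key?(role) }

# Hardened policy: the route is open only while the instance is not yet
# bootstrapped; afterwards, only a site admin may invoke it.
HARDENED_POLICY = lambda do |role, instance|
  return false unless ROLE_RANK.key?(role)
  !instance.bootstrapped || role == "site_admin"
end

# Simulates the bootstrap handler. Returns :ok when the action was applied and
# :denied when the policy rejected the caller, leaving the instance untouched.
def attempt_start(role, instance, new_license:, policy:, new_admin_credential: nil)
  return :denied unless policy.call(role, instance)

  instance.license = new_license
  instance.admin_credential = new_admin_credential if new_admin_credential
  instance.bootstrapped = true
  :ok
end

if __FILE__ == $PROGRAM_NAME
  live = Instance.new(bootstrapped: true, license: "lic-v1", admin_credential: "hash-A")
  puts "weak policy, editor:     #{attempt_start('editor', live, new_license: 'lic-v2', policy: WEAK_POLICY, new_admin_credential: 'hash-B')}"
  puts "hardened policy, editor: #{attempt_start('editor', live, new_license: 'lic-v3', policy: HARDENED_POLICY)}"
  puts "hardened, site_admin:    #{attempt_start('site_admin', live, new_license: 'lic-v3', policy: HARDENED_POLICY)}"
end
```

The point of the hardened lambda is that the check keys on both the caller's role and the instance's lifecycle state: a setup route that is legitimately open to the first operator becomes a credential-reset route for everyone unless it is closed once bootstrapping has completed.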