Vulnerabilities fixed in GitHub Enterprise Server

🗓️ 22 Aug 2024 11:40:38Reported by NCSCType

ncsc

ncsc🔗 advisories.ncsc.nl👁 3 Views

GitHub Enterprise Server fixes vulnerabilities that could expose data and allow rogue saml traffic.

Reporter	Title	Published	Views	Family All 36
BDU FSTEC	The vulnerability of the corporate version of the GitHub Enterprise Server is related to improper authentication, which allows a malicious user to modify issues in public repositories.	16 Sep 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the SAML SSO authentication mechanism in the corporate version of the GitHub Enterprise Server allows a perpetrator to gain access to a user account with administrator privileges.	16 Sep 202400:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the corporate version of the GitHub Enterprise Server, related to the disclosure of content in private repositories, allows a violator to gain access to confidential information.	16 Sep 202400:00	–	bdu_fstec
Circl	CVE-2024-6337	20 Aug 202422:59	–	circl
Circl	CVE-2024-6800	20 Aug 202422:59	–	circl
Circl	CVE-2024-7711	20 Aug 202422:59	–	circl
CVE	CVE-2024-6337	20 Aug 202419:19	–	cve
CVE	CVE-2024-6800	20 Aug 202419:21	–	cve
CVE	CVE-2024-7711	20 Aug 202419:17	–	cve
Cvelist	CVE-2024-6337 Incorrect Authorization allows read access to issues in GitHub Enterprise Server	20 Aug 202419:19	–	cvelist

Source	Link
docs	www.docs.github.com/en/[email protected]/admin/release-notes
docs	www.docs.github.com/en/[email protected]/admin/release-notes
docs	www.docs.github.com/en/[email protected]/admin/release-notes
docs	www.docs.github.com/en/[email protected]/admin/release-notes

22 Aug 2024 11:40Current

7.3High risk

Vulners AI Score7.3

CVSS 3.19.8

CVSS 49.5

EPSS0.03012

SSVC

github enterprise server vulnerabilities data exposure rogue saml traffic updates released