2 matches found
CVE-2023-46648
An insufficient entropy vulnerability was identified in GitHub Enterprise Server GHES that allowed an attacker to brute force a user invitation to the GHES Management Console. To exploit this vulnerability, an attacker would need knowledge that a user invitation was pending. This vulnerability...
CVE-2023-46648
The CVE-2023-46648 entry concerns an insufficient entropy vulnerability in GitHub Enterprise Server (GHES) invitation tokens for the Management Console. The root cause is the entropy insufficiency of the invitation token mechanism, enabling brute-force attempts to identify pending user invitation...