Lucene search
+L

4 matches found

nvd
nvd
added 2024/02/13 7:15 p.m.28 views

CVE-2024-1355

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability...

9.1CVSS9.5AI score0.02363EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2024/02/13 6:51 p.m.6 views

CVE-2024-1355 Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability...

9.1CVSS7.7AI score0.02363EPSS
Exploits0References4
cve
cve
added 2024/02/13 6:51 p.m.93 views

CVE-2024-1355

CVE-2024-1355 describes a command injection in GitHub Enterprise Server. An attacker with the Management Console editor role could exploit the actions-console docker container to gain admin SSH access to the appliance by manipulating a service URL. Exploitation required access to the GitHub Enter...

9.1CVSS9.4AI score0.02363EPSS
Exploits0References4Affected Software1
hackerone
hackerone
added 2024/01/17 11:56 a.m.13 views

GitHub: Management Console Editor Privilege Escalation to Root SSH Access in GitHub Enterprise Server via RCE in actions-console

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. The vulnerability affected all versio...

9.1CVSS9.5AI score0.02363EPSS
Exploits0
Rows per page
Query Builder