CVE-2024-6800 (CVSS 9.5): Critical GitHub Enterprise Server Flaw Patched, Admin Access at Risk
GitHub, the world’s leading software development platform, has recently disclosed multiple security vulnerabilities in GitHub Enterprise Server (GHES) that could have allowed attackers to gain unauthorized access and manipulate repositories. These vulnerabilities, identified as CVE-2024-6800, CVE-2024-6337, and CVE-2024-7711, have now been addressed in the latest security patches, but their potential impact underscores the importance of timely updates and vigilant security practices.
The most severe vulnerability, tracked as CVE-2024-6800, carried a critical CVSSv4 score of 9.5. It resided in GHES’s SAML authentication mechanism and could be exploited by an attacker with direct network access to forge a SAML response, effectively granting themselves site administrator privileges. This essentially bypasses the entire authentication process, leaving the instance wide open to compromise.
Another flaw, CVE-2024-6337 (CVSSv4 5.9), allowed a GitHub App with limited permissions to read issue content within private repositories, a clear violation of intended access controls. While exploitation requires a user access token, it still represents a significant privacy breach.
Lastly, CVE-2024-7711 (CVSSv4 5.3) enabled attackers to modify issue titles, assignees, and labels within public repositories. Although less severe, this could disrupt workflows and cause confusion.
All vulnerabilities affected GHES versions prior to 3.14 and have been addressed in the latest security updates: 3.13.3, 3.12.8, 3.11.14, and 3.10.16. Users are strongly urged to update their installations immediately to mitigate the risk of exploitation.
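To turn the version list above into a fleet check, here is an added example (not GitHub's own tooling) that classifies a GHES version string against the fixed releases named in this article: it treats 3.14 and later as unaffected, compares each 3.10 to 3.13 instance against its branch's patched release, and flags older branches, for which no patch is listed here, as needing a branch upgrade. The sample inventory is constructed.

```python
import re
from typing import Dict, Iterable, Optional, Tuple

# Fixed releases named in the advisory summary, keyed by 3.x branch.
FIXED_BY_BRANCH = {
    (3, 13): (3, 13, 3),
    (3, 12): (3, 12, 8),
    (3, 11): (3, 11, 14),
    (3, 10): (3, 10, 16),
}
# Releases from this branch onward were never affected.
FIRST_UNAFFECTED_BRANCH = (3, 14)


def parse_version(text: str) -> Tuple[int, int, int]:
    """Parse a GHES version such as '3.12.7' (a leading 'v' is tolerated)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"not a GHES version: {text!r}")
    major, minor, patch = (int(p) for p in m.groups())
    return major, minor, patch


def ghes_status(text: str) -> Tuple[bool, Optional[str]]:
    """Return (affected, fixed_version) for CVE-2024-6800/-6337/-7711.

    fixed_version is the release to move to on the same branch, or None when
    the instance is not affected or the branch has no patched release listed.
    """
    major, minor, patch = parse_version(text)
    branch = (major, minor)
    if branch >= FIRST_UNAFFECTED_BRANCH:
        return False, None
    fixed = FIXED_BY_BRANCH.get(branch)
    if fixed is None:
        # Older branch with no listed patch: affected, needs a branch upgrade.
        return True, None
    if (major, minor, patch) >= fixed:
        return False, None
    return True, ".".join(str(n) for n in fixed)


def triage(versions: Iterable[str]) -> Dict[str, Tuple[bool, Optional[str]]]:
    """Classify every version in an inventory."""
    return {v: ghes_status(v) for v in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for v, (affected, fix) in triage(["3.13.2", "3.13.3", "3.9.5", "3.14.0"]).items():
        print(v, "affected" if affected else "ok", fix or "")
```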
For more information and detailed instructions on applying the necessary patches, users should refer to the official GitHub security advisories [1,2,3,4].