
GitHub fixes critical flaw in Enterprise Server allowing unauthorized access to instances

October 16, 2024 | Delighted Lakshmanan | Enterprise Security / Vulnerability

GitHub has released security updates for Enterprise Server (GHES) to address several issues, including a critical bug that could allow unauthorized access to an instance.

The vulnerability, tracked as CVE-2024-9487, has a CVSS score of 9.5 out of a maximum of 10.0.

“An attacker could bypass SAML single sign-on (SSO) with the optional encrypted assertions feature, allowing unauthorized user provisioning and instance access, by exploiting an improper cryptographic signature verification vulnerability in GitHub Enterprise Server,” GitHub said in an alert.

The Microsoft-owned company described the flaw as a regression introduced as part of the follow-up remediation for CVE-2024-4985 (CVSS score: 10.0), a maximum-severity vulnerability that was patched in May 2024.


GitHub also fixed two other flaws:

  • CVE-2024-9539 (CVSS score: 5.7) – An information disclosure vulnerability that could allow an attacker to retrieve metadata belonging to a victim user who clicks on a malicious URL for an SVG asset.
  • An exposure of sensitive data in HTML forms in the management console (no CVE assigned)

The three security vulnerabilities were fixed in Enterprise Server versions 3.14.2, 3.13.5, 3.12.10, and 3.11.16.

In August, GitHub also fixed a critical security flaw (CVE-2024-6800, CVSS score: 9.5) that could be exploited to gain site administrator privileges.

Organizations running a vulnerable self-hosted version of GHES are strongly advised to update to the latest version to protect against potential security threats.
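As an added example to help operators act on the advice above (not GitHub's own tooling), the following script classifies GHES instances against the fixed releases named in this article; the hostnames and versions in the sample inventory are constructed, and a branch the advisory does not list is reported as "no_fix_listed" rather than assumed safe.

```python
"""Classify GitHub Enterprise Server versions against the October 2024 fixed releases."""
from __future__ import annotations

# Minimum patched release per 3.x branch, taken from the advisory as reported above.
FIXED_RELEASES: dict[tuple[int, int], tuple[int, int, int]] = {
    (3, 14): (3, 14, 2),
    (3, 13): (3, 13, 5),
    (3, 12): (3, 12, 10),
    (3, 11): (3, 11, 16),
}


def parse_version(version: str) -> tuple[int, int, int]:
    """Turn a GHES version string such as '3.13.4' into a comparable tuple."""
    parts = version.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GHES version string: {version!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def assess(version: str) -> str:
    """Return 'patched', 'vulnerable' or 'no_fix_listed' for one instance.

    Branches absent from FIXED_RELEASES have no fixed release in the advisory,
    so they are flagged for follow-up instead of being treated as safe.
    """
    v = parse_version(version)
    fixed = FIXED_RELEASES.get(v[:2])
    if fixed is None:
        return "no_fix_listed"
    return "patched" if v >= fixed else "vulnerable"


def triage(inventory: dict[str, str]) -> dict[str, list[str]]:
    """Group an inventory of {hostname: version} by assessment outcome."""
    report: dict[str, list[str]] = {"patched": [], "vulnerable": [], "no_fix_listed": []}
    for host, version in sorted(inventory.items()):
        report[assess(version)].append(host)
    return report


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are illustrative only.
    sample = {
        "ghes-prod.example.internal": "3.13.4",
        "ghes-staging.example.internal": "3.14.2",
        "ghes-legacy.example.internal": "3.10.7",
        "ghes-dr.example.internal": "3.12.10",
    }
    for outcome, hosts in triage(sample).items():
        print(f"{outcome}: {', '.join(hosts) or '-'}")
```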
