GitHub Issues Another Critical Vuln for its Enterprise Server
October 2024 by Sylvain Cortes, VP Strategy at Hackuity
GitHub has issued a patch for another critical vulnerability in GitHub Enterprise Server, CVE-2024-9487, which allows attackers to bypass authentication if the fix is not applied.
Sylvain Cortes, VP Strategy at Hackuity, explains:
“GitHub’s security flaw, CVE-2024-9487, is critical. With a severity rating of 9.5 out of 10, this vulnerability could allow an attacker to gain full admin access to the GitHub Enterprise Server without authentication, through improper verification of cryptographic signatures.
Many organisations still find patching to be a challenge, but this recent vulnerability is a great reminder of the need for security teams to stay vigilant about the most critical issues within their network.
It’s reported that the number of affected users is limited; however, users of the Enterprise Server software should push patching of this vulnerability to the top of their to-do lists.
The good news is that the vulnerability is only exploitable where SAML SSO is used with encrypted assertions enabled, and this feature is not activated automatically. Furthermore, the vulnerability is only present in versions released before version 3.15 of the code, or in a prior version without the latest update installed.”