GitHub Authentication Bypass Opens Enterprise Server to Attackers
The max-severity bug affects versions using the SAML single sign-on mechanism.
![Github logo on a mobile phone](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt5df57bb14e53549f/664e4f18885a2a4e98b7cdb9/GitHub_SOPA_Images_Limited_alamy.jpg?width=850&auto=webp&quality=95&format=jpg&disable=upscale)
A max-critical security vulnerability in GitHub's Enterprise Server could allow attackers to bypass authentication and obtain administrative privileges.
The good news is that the bug (CVE-2024-4985, CVSS 10) only affects implementations that use the SAML single sign-on (SSO) authentication approach with the optional encrypted assertions feature enabled.
An attacker can exploit the issue by creating a fake SAML response to provision and/or gain access to a user with site administrator privileges, according to the bug advisory.
Versions of GitHub Enterprise Server prior to 3.13.0 are affected; the Microsoft-owned platform issued an emergency fix in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4.
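To turn the affected and fixed version numbers above into a quick "am I exposed?" check, here is an added example (written for this article, not GitHub's own tooling) that classifies an Enterprise Server instance from its version string and its SAML settings; the function names and the status strings are my own.

```python
"""Classify a GitHub Enterprise Server instance against CVE-2024-4985 using
only the facts in the article: versions before 3.13.0 are affected, fixes
shipped in 3.9.15, 3.10.12, 3.11.10 and 3.12.4, and the bug is reachable only
with SAML SSO plus the optional encrypted-assertions feature."""

from typing import Tuple

# Fix release per minor branch, as named in the article.
FIXED_BY_BRANCH = {
    (3, 9): (3, 9, 15),
    (3, 10): (3, 10, 12),
    (3, 11): (3, 11, 10),
    (3, 12): (3, 12, 4),
}
FIRST_UNAFFECTED = (3, 13, 0)  # "prior to 3.13.0 are affected"


def parse_version(text: str) -> Tuple[int, int, int]:
    """Turn '3.11.9' (or 'v3.11.9') into (3, 11, 9)."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised GHES version: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def assess(version: str, saml_sso: bool, encrypted_assertions: bool) -> str:
    """Return 'unaffected', 'patched', 'vulnerable' or
    'vulnerable-no-fix-listed'; a '-not-exposed' suffix is appended when the
    instance is unpatched but the vulnerable SAML configuration is not in use
    (it still needs the upgrade before that feature is ever switched on)."""
    v = parse_version(version)
    if v >= FIRST_UNAFFECTED:
        return "unaffected"
    fixed = FIXED_BY_BRANCH.get(v[:2])
    if fixed is None:
        status = "vulnerable-no-fix-listed"  # branch older than 3.9
    elif v >= fixed:
        return "patched"
    else:
        status = "vulnerable"
    if not (saml_sso and encrypted_assertions):
        status += "-not-exposed"
    return status


if __name__ == "__main__":
    for ver in ("3.11.9", "3.11.10", "3.13.0", "3.8.20"):
        print(ver, assess(ver, saml_sso=True, encrypted_assertions=True))
```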