URL has been copied successfully!
GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access – Information is key, but action opens the lock
URL has been copied successfully!

Information is key, but action opens the lock

GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access

by

Andy Stern
in

Tags: , , , , , , ,

GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance.The vulnerability, tracked as CVE-2024-9487, carries a CVS score of 9.5 out of a maximum of 10.0″An attacker could bypass SAML single sign-on (SSO) authentication with the optional encrypted assertions feature, allowing

First seen on thehackernews.com

Jump to article: thehackernews.com/2024/10/github-patches-critical-flaw-in.html

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. GitLab Urges Organization to Patch for Authentication Bypass Vulnerability
  2. CVE-2024-47076, CVE-2024-47175, CVE-2024-47176, CVE-2024-47177: Frequently Asked Questions About Common UNIX Printing System (CUPS) Vulnerabilities
  3. SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
  4. Fortigate SSLVPN Vulnerability Exploited in the Wild