May 22, 2024 at 09:03AM
GitHub has released patches for a critical-severity vulnerability in Enterprise Server, impacting instances using SAML SSO authentication and encrypted assertions. The CVE-2024-4985 vulnerability allows unauthorized access to administrative privileges. GitHub advises updating to patched releases 3.9.15, 3.10.12, 3.11.10, or 3.12.4 to mitigate the risk. Users are urged to prioritize implementing the patch.
Based on the meeting notes, the key takeaways are as follows:
1. GitHub has released patches for a critical-severity vulnerability, tracked as CVE-2024-4985 with a CVSS score of 10/10, in its Enterprise Server. This vulnerability could allow unauthenticated attackers to obtain administrative privileges.
2. The vulnerability impacts Enterprise Server instances that rely on SAML single sign-on (SSO) authentication and have the optional encrypted assertions feature enabled.
3. Exploitation of the vulnerability could allow unauthorized access to the instance without requiring prior authentication. However, instances utilizing SAML SSO authentication without the encrypted assertions feature and those not using SAML SSO are not affected.
4. GitHub has patched the vulnerability with the release of Enterprise Server versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4.
5. Users are advised to update their GitHub Enterprise Server to a patched release as soon as possible, particularly due to the severity of the vulnerability.
6. GitHub made no mention of the vulnerability being exploited in the wild. However, users are strongly encouraged to implement the urgent patch to mitigate the risk.
7. Hackuity VP Sylvain Cortes emphasized the critical nature of the security flaw and the high risk of attacker network ‘break-ins’ for users of versions released before 3.13.0 of the code. He urged users to prioritize implementing the patch to address this and any other critical vulnerabilities.
These clear takeaways from the meeting notes highlight the urgency of addressing the vulnerability and updating GitHub Enterprise Server to the patched release to mitigate the risk of unauthorized access and maintain security.