August 21, 2024 at 10:22AM
A critical vulnerability, CVE-2024-6800, in GitHub Enterprise Server allows an attacker to gain admin privileges by exploiting a problem with SAML authentication. Over 36,500 GHES instances are accessible online, mostly in the US. GitHub has released fixed versions and warns of potential errors and issues during the update process.
Based on the meeting notes, here are the key takeaways:
1. A critical vulnerability identified as CVE-2024-6800 affects multiple versions of GitHub Enterprise Server, potentially allowing attackers to gain administrator privileges through SAML single sign-on (SSO) authentication.
2. More than 36,500 GitHub Enterprise Server instances are accessible over the internet, with the bulk of them located in the United States. However, it is uncertain how many of these instances are running vulnerable versions of the product.
3. GitHub has released new versions (3.13.3, 3.12.8, 3.11.14, and 3.10.16) to address the critical vulnerability, along with two other medium severity vulnerabilities (CVE-2024-7711 and CVE-2024-6337).
4. All three security issues were reported through GitHub’s Bug Bounty program on the HackerOne platform.
5. GitHub advises that while applying the security updates, some services might display errors during the configuration process, but the instances should still start correctly. Additionally, there are noted issues related to log entries, memory utilization, and service interruptions during specific operations, so system admins are recommended to check the ‘Known issues’ section before applying the update.
Let me know if you need further detail or clarification on any of the points.