Critical GitHub Enterprise Server Flaw Allows Authentication Bypass,
GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections.
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
« On instances that use SAML single sign-on (SSO) authentication with the
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
« On instances that use SAML single sign-on (SSO) authentication with the
,
GitHub has rolled out fixes to address a maximum severity flaw in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication protections.
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
« On instances that use SAML single sign-on (SSO) authentication with the
Tracked as CVE-2024-4985 (CVSS score: 10.0), the issue could permit unauthorized access to an instance without requiring prior authentication.
« On instances that use SAML single sign-on (SSO) authentication with the
, ,
https://thehackernews.com/2024/05/critical-github-enterprise-server-flaw.html