

Severity
Medium
Analysis Summary
CVE-2023-6804
GitHub Enterprise Server could allow a local authenticated attacker to gain elevated privileges on the system because of improper privilege management. By exploiting this vulnerability with an improperly scoped personal access token (PAT), an attacker could cause arbitrary workflows to be committed and run.
Impact
- Privilege Escalation
Indicators Of Compromise
CVE
- CVE-2023-6804
Affected Vendors
GitHub
Affected Products
- GitHub Enterprise Server 3.9.6
- GitHub Enterprise Server 3.10.3
- GitHub Enterprise Server 3.11.0
- GitHub Enterprise Server 3.8.11
Remediation
Refer to the GitHub Docs website for patch, upgrade, or suggested workaround information.