

Severity
High
Analysis Summary
CVE-2024-3684 CVSS:8.0
GitHub Enterprise Server is vulnerable to server-side request forgery (SSRF) in the configuration of Artifacts & Logs storage and Migrations storage: an endpoint supplied through these settings is contacted by the appliance itself. By sending a specially crafted request, an attacker could make the appliance issue requests on their behalf and use this to gain admin access to the appliance.
CVE-2024-3646 CVSS:8.0
GitHub Enterprise Server is vulnerable to command injection in the configuration of the chat integration. A remote authenticated attacker who submits a specially crafted request could execute commands on the appliance and gain administrative SSH access to it.
CVE-2024-3470 CVSS:5.9
GitHub Enterprise Server could allow a remote authenticated attacker to bypass security restrictions, caused by improper privilege management in rulesets. By sending a specially crafted request, an attacker could bypass a ruleset that named organization administrators as bypass actors.
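As an added illustration of the two configuration-handling weaknesses described for CVE-2024-3684 and CVE-2024-3646 (this is not GitHub Enterprise Server code and not from the vendor advisory), the following shows an admin-supplied storage endpoint URL being validated against loopback, link-local and private address ranges before the server connects to it, and a chat-integration value handled first in the vulnerable way (spliced into a shell line) and then in the hardened way (passed as a single argv element with no shell). All function names, the injectable `resolver` parameter and the sample URLs are assumptions made for this example; `echo` stands in for the real outbound call so the code runs offline.

```python
"""
Added example: hardening of admin-supplied configuration values.
Not GitHub Enterprise Server code; every name and sample value below is
an assumption made for illustration.
"""
import ipaddress
import socket
import subprocess
from urllib.parse import urlparse

# Ranges an appliance must never be pointed at by a configuration value:
# loopback, RFC 1918, link-local (cloud metadata lives here), unspecified,
# and their IPv6 counterparts.
_BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "0.0.0.0/8", "::1/128", "fc00::/7", "fe80::/10",
)]


def _blocked(ip: str) -> bool:
    # Strip an IPv6 scope id ("fe80::1%eth0") before parsing.
    addr = ipaddress.ip_address(ip.split("%", 1)[0])
    return any(addr in net for net in _BLOCKED_NETWORKS)


def _basic_url_checks(url: str) -> str:
    """Require https and a host; return the hostname."""
    parts = urlparse(url)
    if parts.scheme != "https":
        raise ValueError(f"scheme must be https, got {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    return parts.hostname


def validate_storage_endpoint(url: str, resolver=socket.getaddrinfo) -> str:
    """Return url if every address its host resolves to is outside the
    blocked ranges; raise ValueError otherwise. `resolver` has the shape of
    socket.getaddrinfo and is injectable so the check can run offline."""
    host = _basic_url_checks(url)
    try:
        addrs = {info[4][0] for info in resolver(host, 443)}
    except OSError as exc:  # socket.gaierror is an OSError
        raise ValueError(f"cannot resolve {host}") from exc
    bad = sorted(a for a in addrs if _blocked(a))
    if bad:
        raise ValueError(f"{host} resolves to blocked address(es) {bad}")
    return url


def storage_endpoint_is_safe(url: str, resolver=socket.getaddrinfo) -> bool:
    """Boolean wrapper around validate_storage_endpoint."""
    try:
        validate_storage_endpoint(url, resolver)
    except ValueError:
        return False
    return True


def run_chat_test_vulnerable(webhook_url: str) -> str:
    """Vulnerable pattern: the configured value is spliced into a shell
    command line, so ';' in the value starts a second command."""
    cmd = f"echo posting to {webhook_url}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def run_chat_test_hardened(webhook_url: str) -> str:
    """Hardened pattern: validate, then hand the value to a fixed program as
    one argv element. No shell parses it, so metacharacters stay literal."""
    _basic_url_checks(webhook_url)
    argv = ["echo", "posting", "to", webhook_url]
    return subprocess.run(argv, capture_output=True, text=True).stdout


if __name__ == "__main__":
    payload = "https://chat.example/hook;echo INJECTED"  # constructed input
    print(run_chat_test_vulnerable(payload), end="")    # INJECTED on its own line
    print(run_chat_test_hardened(payload), end="")      # payload printed literally
```

Two caveats a practitioner should keep in mind: resolving the host when the setting is saved does not stop DNS rebinding, so the code that later opens the connection should pin the address it validated rather than resolving again; and in the command-injection case the argv form is the defence, while the URL check only rejects obviously malformed values.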
Impact
- Gain Access
- Security Bypass
Indicators of Compromise
CVE
- CVE-2024-3684
- CVE-2024-3646
- CVE-2024-3470
Affected Vendors
- GitHub
Affected Products
- GitHub Enterprise Server 3.9.0
- GitHub Enterprise Server 3.10.0
- GitHub Enterprise Server 3.11.0
- GitHub Enterprise Server 3.12.0
Remediation
Upgrade to the latest version of GitHub Enterprise Server, available from the GitHub website. Confirm the installed release before and after the upgrade from the Management Console or with ghe-version in the administrative shell, and because two of these issues are reachable only by authenticated users, review who holds Management Console and organization administrator roles on the appliance.