Analysis Summary

CVE-2024-7711 CVSS:5.4

GitHub Enterprise Server could allow a remote authenticated attacker to bypass security restrictions, caused by improper authorization validation. By sending a specially crafted request, an attacker could exploit this vulnerability to update the title, assignees, and labels of any issue inside a public repository.

CVE-2024-6337 CVSS:6.3

GitHub Enterprise Server could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By executing a specially crafted application, an attacker could exploit this vulnerability to read issue content inside a private repository, and use this information to launch further attacks against the affected system.

CVE-2024-6800 CVSS:9

GitHub Enterprise Server could allow a remote attacker to bypass security restrictions, caused by a flaw when using SAML authentication with specific identity providers. By sending a specially crafted request utilizing publicly exposed signed federation metadata XML, an attacker could exploit this vulnerability to forge a SAML response to provision and/or gain access to a user with site administrator privileges.

Impact

• Security Bypass
• Information Disclosure

Indicators of Compromise

CVE

• CVE-2024-7711
• CVE-2024-6337
• CVE-2024-6800

Affected Vendors

Remediation

Upgrade to the latest version of GitHub Enterprise Server, available from the GitHub Website.

CVE-2024-7711

CVE-2024-6337

CVE-2024-6800