An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.
References
Configurations
Configuration 1 (hide)
|
History
17 Sep 2024, 16:42
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
References | () https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.14 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.10 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 - Release Notes | |
First Time |
Github
Github enterprise Server |
|
CPE | cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* cpe:2.3:a:github:enterprise_server:3.13.0:*:*:*:*:*:*:* |
16 Jul 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-16 22:15
Updated : 2024-09-17 16:42
NVD link : CVE-2024-5566
Mitre link : CVE-2024-5566
CVE.ORG link : CVE-2024-5566
JSON object : View
Products Affected
github
- enterprise_server
CWE