An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17.
References
Configurations
Configuration 1 (hide)
|
History
17 Sep 2024, 16:42
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
CWE | NVD-CWE-noinfo | |
First Time |
Github
Github enterprise Server |
|
CPE | cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:* cpe:2.3:a:github:enterprise_server:3.13.0:*:*:*:*:*:*:* |
|
Summary |
|
|
References | () https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.14 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.10 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.6 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.1 - Release Notes | |
References | () https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.17 - Release Notes |
16 Jul 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-07-16 22:15
Updated : 2024-09-17 16:42
NVD link : CVE-2024-5566
Mitre link : CVE-2024-5566
CVE.ORG link : CVE-2024-5566
JSON object : View
Products Affected
github
- enterprise_server
CWE