CVE-2024-9487

An improper verification of cryptographic signature vulnerability was identified in GitHub Enterprise Server that allowed SAML SSO authentication to be bypassed resulting in unauthorized provisioning of users and access to the instance. Exploitation required the encrypted assertions feature to be enabled, and the attacker would require direct network access as well as a signed SAML response or metadata document. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.15 and was fixed in versions 3.11.16, 3.12.10, 3.13.5, and 3.14.2. This vulnerability was reported via the GitHub Bug Bounty program.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*
cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*
cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*
cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*

History

15 Nov 2024, 16:57

Type Values Removed Values Added
CPE cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 9.1
First Time Github enterprise Server
Github
References () https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16 - () https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.16 - Release Notes
References () https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.10 - () https://docs.github.com/en/enterprise-server@3.12/admin/release-notes#3.12.10 - Release Notes
References () https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.5 - () https://docs.github.com/en/enterprise-server@3.13/admin/release-notes#3.13.5 - Release Notes
References () https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.2 - () https://docs.github.com/en/enterprise-server@3.14/admin/release-notes#3.14.2 - Release Notes

15 Oct 2024, 12:58

Type Values Removed Values Added
Summary
  • (es) Se identificó una vulnerabilidad de verificación incorrecta de la firma criptográfica en GitHub Enterprise Server que permitía eludir la autenticación SSO SAML, lo que daba como resultado el aprovisionamiento no autorizado de usuarios y el acceso a la instancia. Para explotarla, era necesario habilitar la función de aserciones cifradas y el atacante necesitaba acceso directo a la red, así como una respuesta SAML firmada o un documento de metadatos. Esta vulnerabilidad afectó a todas las versiones de GitHub Enterprise Server anteriores a la 3.15 y se solucionó en las versiones 3.11.16, 3.12.10, 3.13.5 y 3.14.2. Esta vulnerabilidad se informó a través del programa de recompensas por errores de GitHub.

10 Oct 2024, 22:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-10-10 22:15

Updated : 2024-11-15 16:57


NVD link : CVE-2024-9487

Mitre link : CVE-2024-9487

CVE.ORG link : CVE-2024-9487


JSON object : View

Products Affected

github

  • enterprise_server
CWE
CWE-347

Improper Verification of Cryptographic Signature