GitHub has swiftly tackled a significant vulnerability in their GitHub Enterprise Server (GHES), identified as CVE-2024-4985, which posed a critical risk of authentication bypass. This flaw, with a CVSS score of 10.0, could potentially grant unauthorized access to site administrator privileges.
The GitHub Enterprise Server (GHES) is a tailored version of GitHub, primarily designed for organizational use, providing robust source code management, collaboration tools, and CI/CD capabilities. It enables organizations to host the platform on their infrastructure, ensuring greater data control, enhanced security, and flexibility to meet internal compliance requirements.
The vulnerability specifically impacts GHES installations using SAML single sign-on (SSO) with encrypted assertions. Attackers could exploit this flaw to forge SAML responses, thereby gaining unauthorized access to administrative privileges without prior authentication.
However, GitHub reassured users that encrypted assertions are not enabled by default, and the vulnerability only affects installations utilizing SAML SSO with encrypted assertions. GitHub promptly addressed the issue in versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4 of GHES, highlighting their commitment to security and prompt resolution of potential threats.
