CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1359 – Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console
https://notcve.org/view.php?id=CVE-2024-1359
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance when setting up an HTTP proxy. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program https://bounty.github.com . Se identificó una vulnerabilidad de inyección de comandos en GitHub Enterprise Server que permitió a un atacante con una función de editor en Management Console obtener acceso SSH de administrador al dispositivo al configurar un proxy HTTP. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 9.1EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1355 – Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console
https://notcve.org/view.php?id=CVE-2024-1355
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the actions-console docker container while setting a service URL. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de inyección de comandos en GitHub Enterprise Server que permitió a un atacante con una función de editor en la Consola de administración obtener acceso SSH de administrador al dispositivo a través del contenedor acoplable de la consola de acciones mientras configuraba una URL de servicio. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.0EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1354 – Command injection vulnerability was identified in GitHub Enterprise Server that allowed privilege escalation in the Mangement Console
https://notcve.org/view.php?id=CVE-2024-1354
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the appliance via the `syslog-ng` configuration file. Exploitation of this vulnerability required access to the GitHub Enterprise Server instance and access to the Management Console with the editor role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de inyección de comandos en GitHub Enterprise Server que permitió a un atacante con función de editor en Management Console obtener acceso SSH de administrador al dispositivo a través del archivo de configuración `syslog-ng`. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1082 – Path traversal vulnerability in GitHub Enterprise Server that allowed arbitrary file read with a specially crafted GitHub Pages artifact upload
https://notcve.org/view.php?id=CVE-2024-1082
A path traversal vulnerability was identified in GitHub Enterprise Server that allowed an attacker to gain unauthorized read permission to files by deploying arbitrary symbolic links to a GitHub Pages site with a specially crafted artifact tarball. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.15, 3.9.10, 3.10.7, 3.11.5. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de path traversal en GitHub Enterprise Server que permitió a un atacante obtener permiso de lectura no autorizado de archivos mediante la implementación de enlaces simbólicos arbitrarios a un sitio de GitHub Pages con un archivo tar de artefacto especialmente manipulado. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2024-1084
https://notcve.org/view.php?id=CVE-2024-1084
Cross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise Server allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created CSRF tokens. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in all versions of 3.11.5, 3.10.7, 3.9.10, and 3.8.15. This vulnerability was reported via the GitHub Bug Bounty program. Cross-Site Scripting en el campo de patrón de nombre de etiqueta en la interfaz de usuario de protección de etiquetas en GitHub Enterprise Server permiten que un sitio web malicioso que requiere interacción del usuario e ingeniería social realice cambios en una cuenta de usuario a través de la omisión de CSP con tokens CSRF creados. Esta vulnerabilidad afectó a todas las versiones de GitHub Enterprise Server anteriores a la 3.12 y se solucionó en todas las versiones 3.11.5, 3.10.7, 3.9.10 y 3.8.15. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.7 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.5 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.15 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.10 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •