CVE-2024-0507 – Privilege Escalation by Code Injection in the Management Console in GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2024-0507
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. Un atacante con acceso a una cuenta de usuario de Management Console con función de editor podría escalar privilegios a través de una vulnerabilidad de inyección de comandos en Management Console. Esta vulnerabilidad afectó a todas las versiones de GitHub Enterprise Server y se solucionó en las versiones 3.11.3, 3.10.5, 3.9.8 y 3.8.13. Esta vulnerabilidad se informó a través del programa GitHub Bug Bounty. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2024-0200 – Unsafe Reflection in Github Enterprise Server leading to Command Injection
https://notcve.org/view.php?id=CVE-2024-0200
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVE-2023-6847 – Improper Authentication in GitHub Enterprise Server leading to Authentication Bypass for Public Repository Data
https://notcve.org/view.php?id=CVE-2023-6847
An improper authentication vulnerability was identified in GitHub Enterprise Server that allowed a bypass of Private Mode by using a specially crafted API request. To exploit this vulnerability, an attacker would need network access to the Enterprise Server appliance configured in Private Mode. This vulnerability affected all versions of GitHub Enterprise Server since 3.9 and was fixed in version 3.9.7, 3.10.4, and 3.11.1. This vulnerability was reported via the GitHub Bug Bounty program. Se identificó una vulnerabilidad de autenticación incorrecta en GitHub Enterprise Server que permitía omitir el Private Mode mediante el uso de una solicitud API especialmente manipulada. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-287: Improper Authentication •
CVE-2023-51380 – Incorrect Authorization allows Read Access to Issue Comments in GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2023-51380
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be read with an improperly scoped token. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.7.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. Se identificó una vulnerabilidad de autorización incorrecta en GitHub Enterprise Server que permitía leer los comentarios del problema con un token con un alcance incorrecto. Esta vulnerabilidad afectó a todas las versiones de GitHub Enterprise Server desde la 3.7 y se solucionó en las versiones 3.17.19, 3.8.12, 3.9.7, 3.10.4 y 3.11.1. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1 https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-863: Incorrect Authorization •
CVE-2023-51379 – Incorrect Authorization for Issue Comments in GitHub Enterprise Server
https://notcve.org/view.php?id=CVE-2023-51379
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token. This vulnerability did not allow unauthorized access to any repository content as it also required contents:write and issues:read permissions. This vulnerability affected all versions of GitHub Enterprise Server since 3.7 and was fixed in version 3.17.19, 3.8.12, 3.9.7, 3.10.4, and 3.11.1. Se identificó una vulnerabilidad de autorización incorrecta en GitHub Enterprise Server que permitía actualizar los comentarios del problema con un token con un alcance incorrecto. Esta vulnerabilidad no permitía el acceso no autorizado a ningún contenido del repositorio, ya que también requería permisos de contenido: problemas de lectura y escritura. • https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.4 https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.1 https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.19 https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.12 https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.7 • CWE-863: Incorrect Authorization •