Critical Authentication Bypass Resolved in GitHub Enterprise Server

Critical vulnerability in GitHub Enterprise Server allows unauthenticated attackers to obtain administrative privileges.

Code hosting platform GitHub has released patches for a critical-severity vulnerability in Enterprise Server that could allow unauthenticated attackers to obtain administrative privileges.

Tracked as CVE-2024-4985 (CVSS score of 10/10), the authentication bypass issue impacts Enterprise Server instances that rely on SAML single sign-on (SSO) authentication and have the optional encrypted assertions feature enabled.

The Microsoft-owned platform explains that an attacker exploiting this bug “could forge a SAML response to provision and/or gain access to a user with administrator privileges.”

“Exploitation of this vulnerability would allow unauthorized access to the instance without requiring prior authentication. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.13.0,” a NIST advisory reads.

According to GitHub, however, because encrypted assertions are not enabled by default, instances utilizing SAML SSO authentication without the feature are not impacted. Enterprise Server instances that do not use SAML SSO are not affected either.

The code-hosting platform has patched the vulnerability with the release of Enterprise Server versions 3.9.15, 3.10.12, 3.11.10, and 3.12.4.

GitHub made no mention of the vulnerability being exploited in the wild but, considering the severity of CVE-2024-4985, users are advised to update their GitHub Enterprise Server to a patched release as soon as possible.
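As an added triage helper, not code from SecurityWeek or GitHub: the function below encodes the affected conditions and fixed releases stated above (SAML SSO with encrypted assertions enabled, on a release older than the fix for its series). The version string and the two SAML settings are assumed to be read from the instance by its administrator and passed in.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Fixed releases named in the advisory, keyed by GHES release series.
PATCHED: Dict[Tuple[int, int], Tuple[int, int, int]] = {
    (3, 9): (3, 9, 15),
    (3, 10): (3, 10, 12),
    (3, 11): (3, 11, 10),
    (3, 12): (3, 12, 4),
}
# 3.13.0 and later were never affected.
FIRST_UNAFFECTED_SERIES = (3, 13)


def parse_version(s: str) -> Tuple[int, int, int]:
    """Parse a GHES version such as '3.12.3' (a leading 'v' is tolerated)."""
    parts = s.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unexpected GHES version format: {s!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


@dataclass
class Finding:
    affected: bool
    reason: str
    fixed_in: Optional[str] = None  # fixed release for this series, if one is listed


def assess(version: str, saml_sso: bool, encrypted_assertions: bool) -> Finding:
    """Decide whether an instance matches the CVE-2024-4985 affected conditions."""
    major, minor, patch = parse_version(version)
    series = (major, minor)
    if series >= FIRST_UNAFFECTED_SERIES:
        return Finding(False, "release series was never affected")
    if not saml_sso:
        return Finding(False, "instance does not use SAML SSO")
    if not encrypted_assertions:
        return Finding(False, "SAML SSO without encrypted assertions is not affected")
    fix = PATCHED.get(series)
    if fix is None:
        # Older series have no fixed release in the advisory: upgrade to a patched series.
        return Finding(True, "no fixed release listed for this series; upgrade to a patched series")
    fixed_str = ".".join(map(str, fix))
    if (major, minor, patch) >= fix:
        return Finding(False, f"at or above fixed release {fixed_str}", fixed_str)
    return Finding(True, f"vulnerable configuration on release older than {fixed_str}", fixed_str)
```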

“GitHub’s security flaw, CVE-2024-4985, is critical, giving anyone who exploits the issue in a version released before 3.13.0 of the code, full admin access to the GitHub Enterprise Server,” Hackuity VP Sylvain Cortes said in an emailed comment.


“The maximum severity rating of 10 out of 10 puts users of such versions at incredibly high risk of attacker network ‘break-ins’. GitHub has issued an urgent patch for a reason – users of their Enterprise Server software should prioritize implementing this, and any other critical vulnerability patches, before it’s too late,” Cortes added.

In early 2024, the code-hosting platform announced that it had rotated credentials after being alerted to a vulnerability in GitHub.com and GitHub Enterprise Server that allowed attackers to access credentials within a production container.

Related: GitHub Rolls Out ‘Code Scanning Autofix’ in Public Beta

Related: Threat Actors Manipulate GitHub Search to Deliver Malware

Related: IAM Credentials in Public GitHub Repositories Harvested in Minutes

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
