{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-0200", "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "state": "PUBLISHED", "assignerShortName": "GitHub_P", "dateReserved": "2024-01-02T19:47:57.924Z", "datePublished": "2024-01-16T18:50:48.931Z", "dateUpdated": "2024-08-01T17:41:16.005Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "affected", "product": "Enterprise Server", "vendor": "GitHub", "versions": [{"lessThan": "3.8.13", "status": "affected", "version": "3.8.0", "versionType": "semver"}, {"lessThan": "3.9.8", "status": "affected", "version": "3.9.0", "versionType": "semver"}, {"lessThan": "3.10.5", "status": "affected", "version": "3.10.0", "versionType": "semver"}, {"lessThan": "3.11.3", "status": "affected", "version": "3.11.0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Ngo Wei Lin of STAR Labs"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability&nbsp;could lead to the execution of user-controlled methods and remote code execution. To&nbsp;exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.</span><br><br>"}], "value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability\u00a0could lead to the execution of user-controlled methods and remote code execution. To\u00a0exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"}], "impacts": [{"capecId": "CAPEC-138", "descriptions": [{"lang": "en", "value": "CAPEC-138 Reflection Injection"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-470", "description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "shortName": "GitHub_P", "dateUpdated": "2024-01-16T18:50:48.931Z"}, "references": [{"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"}, {"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"}, {"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"}], "source": {"discovery": "EXTERNAL"}, "title": "Unsafe Reflection in Github Enterprise Server leading to Command Injection", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0200", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-22T16:25:02.384808Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:github:enterprise_server:-:*:*:*:*:*:*:*"], "vendor": "github", "product": "enterprise_server", "versions": [{"status": "affected", "version": "3.8.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:58:31.817Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:16.005Z"}, "title": "CVE Program Container", "references": [{"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5", "tags": ["x_transferred"]}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T17:41:16.005Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-0200", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-04-22T16:25:02.384808Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:github:enterprise_server:-:*:*:*:*:*:*:*"], "vendor": "github", "product": "enterprise_server", "versions": [{"status": "affected", "version": "3.8.0"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-04-22T16:23:08.901Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "Unsafe Reflection in Github Enterprise Server leading to Command Injection", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "user": "00000000-0000-4000-9000-000000000000", "value": "Ngo Wei Lin of STAR Labs"}], "impacts": [{"capecId": "CAPEC-138", "descriptions": [{"lang": "en", "value": "CAPEC-138 Reflection Injection"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "LOW", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GitHub", "product": "Enterprise Server", "versions": [{"status": "affected", "version": "3.8.0", "lessThan": "3.8.13", "versionType": "semver"}, {"status": "affected", "version": "3.9.0", "lessThan": "3.9.8", "versionType": "semver"}, {"status": "affected", "version": "3.10.0", "lessThan": "3.10.5", "versionType": "semver"}, {"status": "affected", "version": "3.11.0", "lessThan": "3.11.3", "versionType": "semver"}], "defaultStatus": "affected"}], "references": [{"url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"}, {"url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"}, {"url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"}, {"url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability\u00a0could lead to the execution of user-controlled methods and remote code execution. To\u00a0exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.\n\n", "supportingMedia": [{"type": "text/html", "value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability&nbsp;could lead to the execution of user-controlled methods and remote code execution. To&nbsp;exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.&nbsp;<span style=\"background-color: rgb(255, 255, 255);\">This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.</span><br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-470", "description": "CWE-470 Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')"}]}], "providerMetadata": {"orgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "shortName": "GitHub_P", "dateUpdated": "2024-01-16T18:50:48.931Z"}}}, "cveMetadata": {"cveId": "CVE-2024-0200", "state": "PUBLISHED", "dateUpdated": "2024-08-01T17:41:16.005Z", "dateReserved": "2024-01-02T19:47:57.924Z", "assignerOrgId": "82327ea3-741d-41e4-88f8-2cf9e791e760", "datePublished": "2024-01-16T18:50:48.931Z", "assignerShortName": "GitHub_P"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "253739D1-3AED-408C-97C9-279159F8AE96", "versionEndExcluding": "3.8.13", "versionStartIncluding": "3.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "ECFE0544-DC34-4F4F-B803-AEBCF7B2B74F", "versionEndExcluding": "3.9.8", "versionStartIncluding": "3.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "319648B0-78F1-444D-A947-DB4E0BDFAC6E", "versionEndExcluding": "3.10.5", "versionStartIncluding": "3.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:github:enterprise_server:*:*:*:*:*:*:*:*", "matchCriteriaId": "107BE45D-EA6F-499B-872D-38883D296915", "versionEndExcluding": "3.11.3", "versionStartIncluding": "3.11.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability\u00a0could lead to the execution of user-controlled methods and remote code execution. To\u00a0exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role.\u00a0This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.\n\n"}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad de reflexi\u00f3n insegura en GitHub Enterprise Server que podr\u00eda provocar una inyecci\u00f3n de reflexi\u00f3n. Esta vulnerabilidad podr\u00eda conducir a la ejecuci\u00f3n de m\u00e9todos controlados por el usuario y a la ejecuci\u00f3n remota de c\u00f3digo. Para aprovechar este error, un actor deber\u00eda iniciar sesi\u00f3n en una cuenta en la instancia de GHES con el rol de propietario de la organizaci\u00f3n. Esta vulnerabilidad afect\u00f3 a todas las versiones de GitHub Enterprise Server anteriores a la 3.12 y se solucion\u00f3 en las versiones 3.8.13, 3.9.8, 3.10.5 y 3.11.3. Esta vulnerabilidad se inform\u00f3 a trav\u00e9s del programa GitHub Bug Bounty."}], "id": "CVE-2024-0200", "lastModified": "2024-11-21T08:46:03.023", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 1.3, "impactScore": 5.3, "source": "product-cna@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-16T19:15:08.667", "references": [{"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"}, {"source": "product-cna@github.com", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Release Notes"], "url": "https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8"}], "sourceIdentifier": "product-cna@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-470"}], "source": "product-cna@github.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-470"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}